Passwordless, Priceless? The Hidden Risks of a Biometric Internet

By Elias Watanabe

For decades, the humble password has been the gatekeeper of our digital lives. Clumsy though it was—reused, forgotten, scribbled on sticky notes—it had one advantage: it could be changed. When compromised, you could burn it down and start again.

Now, tech companies promise a sleeker, safer future: the passwordless internet. Apple, Microsoft, and Google are pushing “passkeys”—cryptographic tokens tied to a device or biometric signature. Instead of typing in “P@ssw0rd123,” you log in with a fingerprint, a face scan, or a hardware key. Faster, frictionless, more secure.

At least, that’s the story.

The Irreplaceable Key

Biometric logins solve one problem by creating another. You can reset a password, but you cannot reset your face. If a database of fingerprints leaks—or if biometric authentication is spoofed with deepfakes or prosthetics—the consequences are permanent. The security industry calls this “the irrevocability problem.” It is not hypothetical: breaches of fingerprint databases have already occurred in law enforcement and corporate systems.

And while major vendors insist that biometric data stays on-device, not in the cloud, the reality is more complex. Third-party developers integrate biometric prompts into their apps. Hardware makers implement sensors with varying quality. Supply chains are global. Each link is a potential weak point.

From Convenience to Coercion

There is another layer of risk: coercion. A password can be kept secret under duress. A face, however, is visible to anyone with a camera. In 2019, police in Mumbai compelled suspects to unlock phones with fingerprints. Border agents in several countries now require travelers to submit facial scans before boarding flights. The line between voluntary authentication and compelled identification grows thinner as biometrics become ubiquitous.

The Business of the Body

The shift to passwordless systems also changes the economics of surveillance. If your biometric becomes the master key to every platform—from your bank account to your health portal—companies that control the infrastructure will hold unprecedented leverage over user identity. Already, partnerships between cloud providers and government agencies suggest that the boundary between private authentication and public surveillance is porous.

What happens when your digital wallet refuses to open because a facial recognition system flags you as “high risk” based on flawed data? What recourse do you have if a corporate provider locks you out not because you typed the wrong password, but because your body itself has been misread?

Designing for the Future, Not Just the Demo

None of this means passkeys and biometrics are doomed. Used carefully, they can reduce phishing, eliminate credential stuffing, and simplify life for billions of users. But the risks are not technical footnotes—they are structural. Irrevocability, coercion, and concentration of identity power must be part of the design conversation now, before passwordless systems become the invisible plumbing of the internet.

The future of authentication should not simply ask: Is it secure today? It must also ask: What happens when it breaks tomorrow?

Because in a biometric internet, the cost of compromise is not measured in characters lost, but in identities that cannot be changed.