[Company name]

The NCSC to begin recommending use of passkeys

Talk to an expert

The National Cyber Security Centre (NCSC) announced at CYBERUK 2026 in Glasgow that it will begin recommending the use of passkeys wherever a service supports them, and two-step verification (2SV) where it does not.


A passkey is a way to sign in that does not use a password. Instead, your account is linked to a device you own, such as a phone or computer. When you log in, the service asks your device to confirm it is you, and you approve this by unlocking the device with a fingerprint, face scan or PIN.


Based on analysis carried out by the NCSC, it has been concluded that passkeys provide stronger protection for users than traditional 2SV, which can be vulnerable to phishing. According to the NCSC, phishing is one of the most persistent causes of cyber compromise.


The NCSC point out that, as with any security control, passkeys need to be implemented and used sensibly to be most effective. Users will still depend on the security of their devices and credential managers.


See: https://www.ncsc.gov.uk/blogs/passkeys-are-more-secure-than-traditional-ways-to-log-in

July 16, 2026
New proposals to tackle Electronic Sales Suppression

The government is consulting on potential measures that target Electronic Sales Suppression (ESS). Proposals include the introduction of new software standards for Point of Sale systems. Electronic Sales Suppression (ESS) involves businesses using software or devices to manipulate Electronic Point of Sale (EPOS) systems to hide transactions and evade tax.

Read article
July 15, 2026
UK hiring trends

The June 'UK Report on Jobs' shows subdued business confidence driving a preference for short-term staff. Temporary staff billings rose at the steepest rate in over three years, while permanent staff appointments continued to decline, although at a much slower pace than in May.

Read article