TikTok is adopting Apple’s passwordless passkeys login system in a move that aims to bolster user account security, and further parent company ByteDance’s efforts to clean up its act when it comes to data privacy.
The Passkeys reveal, alongside an announcement that TikTok would be joining the likes of Apple and Google as a member of password authentication development and awareness body the FIDO Alliance, came as an official statement from TikTok, but one that still may have surprised privacy advocates.
TikTok is arguably the most popular social media platform in the world despite its worldwide user data being stored, until June 2022, exclusively on Chinese servers (which, per Chinese law, its government would oversee).
TikTok, security, and popularity apathy
Now, TikTok, like AI, has become, for first-world-Earth, a banal distraction from the world’s ills to the extent that it has actually become one of them. They don’t want to hear it. They just want to watch some weapon break into somebody’s house (no, I’m not giving them the linkout satisfaction, but you know who I mean, guys) for the Vine (remember Vine?)
As such, it’s important to note that, if governments around the world hadn’t acted on their privacy objections, it’s very unlikely that any of the (very good, if inexcusably late) security measures that ByteDance has implemented would be in place at all.
This raises concerns about cybersecurity literacy among the general public, on two fronts: does the average user know about Passkeys (perhaps not, it seems as though I only hear about it at work despite being a big proponent of password managers generally) and, if they don’t care about account security (which they should), well, they need a kick in the right direction, maybe with a metal boot, with a shiv in the toe.
It’s a nihilist position, but politics over the course of the last few years has taught us that the average person will believe and stand for anything, no matter how false, or basically inhuman. You can take our ability to afford a house on a single wage, but you’ll never take our freedom to do a dank yeet. I have never used TikTok, only hearing about it from the local neighbourhood Facebook group.
Our persistent, Pulitzer-evasive coverage of Meta’s wacky adventures in EU courts over EU data privacy law violations, or anyone else’s for that matter, has had zero net effect on the situation at hand beyond Meta blocking Threads access in the EU because it collects that much data from the naive.
So, by extension, TikTok, objectively, by circumstance, the worst platform creative outlets since DeviantArt, was always destined to fall upwards. Those of us who think about security for even a nanosecond will have to account for this numb fact of human nature as we seek to drill it into your wife’s cousin’s goldfish’s skull that ‘Welcome123’ won’t cut it anymore.
Big kisses, by the way, to the MENSA patient who once wrote in saying we should just let the ‘f*ck*ng r*t*rds’ (that’s you, our good affiliate-revenue generating audience, scandal!) who don’t care about account security to just get on with it: very much the ‘get Brexit done’ of this plucky, upstart industry. Hope they pull through.