The article provides an overview of the current state of password authentication and highlights the main problems. Various options for password-free authentication are being considered as a replacement for password authentication. Each option is analyzed in terms of disadvantages and the possibility of replacing passwords.
The analysis revealed that some alternatives can only act as an additional factor in multi-factor authentication, such as OTP and push notifications. Others, on the contrary, should not be used as an authentication method at all; these include QR codes.
As a result of the analysis, two directions of password-free authentication were identified as clear favorites: biometric and passkey. When comparing the finalists, the choice fell on passkey, since it does not have the main and critical drawback of biometric authentication - dependence on concealing the originals of biometrics. In case of biometrics compromise, a person gets huge problems, since without surgical intervention he cannot change it.
Passkey, on the contrary, demonstrates a high level of protection, comparable to biometrics, but is devoid of such a drawback. At the same time, passkey, or rather the current FIDO2 standard, has a few shortcomings that hinder distribution. These include the potential possibility of using malware as a client. Another, no less important problem is unlinking the old and linking a new key in case of loss or failure of the first one.
To solve this problem, it is necessary to develop a secure authentication protocol using passkey technology.

Keywords: password authentication, passwordless authentication, push notification, QR-code, biometric authentication, passkey, FIDO2, WebAuthn, CTAP2.1