{"id":26070,"date":"2026-01-16T07:00:33","date_gmt":"2026-01-16T06:00:33","guid":{"rendered":"https:\/\/cyberinsights.iainfraser.net\/?p=26070"},"modified":"2026-03-24T09:02:40","modified_gmt":"2026-03-24T08:02:40","slug":"passkeys-v-passwords","status":"publish","type":"post","link":"https:\/\/smecyberinsights.co.uk\/index.php\/2026\/01\/16\/passkeys-v-passwords\/","title":{"rendered":"NCSC on Passkeys vs Passwords: What UK SMEs Must Do to Cut Phishing &amp; Account Takeover\u00a0"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"26070\" class=\"elementor elementor-26070\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-67ef7a3d elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"67ef7a3d\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-5007c52f\" data-id=\"5007c52f\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-3c0e7af elementor-widget elementor-widget-image\" data-id=\"3c0e7af\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<a href=\"https:\/\/securuscomms.com\" target=\"_blank\" rel=\"noopener\">\n\t\t\t\t\t\t\t<img decoding=\"async\" src=\"https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/elementor\/thumbs\/7774_Securus_Working_Auto_Banner-rf8bryc4djy6c75t28muqkdhh8m8odty7fzxues2rs.png\" title=\"+7774_Securus_Working_Auto_Banner\" alt=\"SECURUS Communications\" loading=\"lazy\" \/>\t\t\t\t\t\t\t\t<\/a>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-3e3d85a6 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"3e3d85a6\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-33 elementor-top-column elementor-element elementor-element-7b9e689b\" data-id=\"7b9e689b\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-6043f5ee elementor-widget elementor-widget-image\" data-id=\"6043f5ee\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t<figure class=\"wp-caption\">\n\t\t\t\t\t\t\t\t\t\t\t<a href=\"https:\/\/www.freepik.com\/\" target=\"_blank\" rel=\"noopener\">\n\t\t\t\t\t\t\t<img loading=\"lazy\" width=\"300\" height=\"200\" src=\"https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2026\/01\/keys-arrangement-studio_compressed-300x200.jpg\" class=\"attachment-medium size-medium wp-image-26071\" alt=\"NCSC on Passkeys vs Passwords: What UK SMEs Must Do to Cut Phishing &amp; Account Takeover\" srcset=\"https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2026\/01\/keys-arrangement-studio_compressed-300x200.jpg 300w, https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2026\/01\/keys-arrangement-studio_compressed-1024x683.jpg 1024w, https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2026\/01\/keys-arrangement-studio_compressed-768x512.jpg 768w, https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2026\/01\/keys-arrangement-studio_compressed-1536x1024.jpg 1536w, https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2026\/01\/keys-arrangement-studio_compressed-2048x1365.jpg 2048w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" loading=\"lazy\" decoding=\"async\" \/>\t\t\t\t\t\t\t\t<\/a>\n\t\t\t\t\t\t\t\t\t\t\t<figcaption class=\"widget-image-caption wp-caption-text\">Image Credit: Freepik<\/figcaption>\n\t\t\t\t\t\t\t\t\t\t<\/figure>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t<div class=\"elementor-column elementor-col-66 elementor-top-column elementor-element elementor-element-16d41e0f\" data-id=\"16d41e0f\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-4753a1bc elementor-widget elementor-widget-wp-widget-text\" data-id=\"4753a1bc\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"wp-widget-text.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t<div class=\"textwidget\"><p>Gibraltar:\u00a0 Friday, 16 January 2026 \u2013 07:00 CET<\/p>\n<p><strong><span class=\"TextRun SCXW150491645 BCX0\" lang=\"EN-GB\" xml:lang=\"EN-GB\" data-contrast=\"auto\"><span class=\"NormalTextRun SCXW150491645 BCX0\" data-ccp-parastyle=\"No Spacing\">NCSC on Passkeys vs Passwords: What UK SMEs Must Do to Cut Phishing &amp; Account Takeover<\/span><\/span><span class=\"EOP SCXW150491645 BCX0\" data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:240}\">\u00a0<\/span><br \/>\n<\/strong>By: <a href=\"https:\/\/www.linkedin.com\/in\/iainfraserjournalist\/\" target=\"_blank\" rel=\"noopener\">Iain Fraser<\/a>\u00a0\u2013\u00a0<a href=\"https:\/\/www.google.com\/search?q=sme+cybersecurity+journalist&amp;client=firefox-b-d&amp;sca_esv=604417a22f933246&amp;biw=1920&amp;bih=937&amp;sxsrf=ADLYWII9GQo-CShq2VQjmub9bZo3edd4sw%3A1732797372997&amp;ei=vGNIZ_W2PLGgkdUP2Z6JsQc&amp;ved=0ahUKEwj1hIqfhf-JAxUxUKQEHVlPInY4ChDh1QMIDw&amp;uact=5&amp;oq=sme+cybersecurity+journalist&amp;gs_lp=Egxnd3Mtd2l6LXNlcnAiHHNtZSBjeWJlcnNlY3VyaXR5IGpvdXJuYWxpc3QyBBAjGCcyCBAAGIAEGKIEMggQABiABBiiBDIIEAAYgAQYogRI4g5QgQhY1AtwAXgBkAEAmAGwAaAB8QSqAQMwLjS4AQPIAQD4AQGYAgOgAtYCwgIHECMYsAMYJ8ICChAAGLADGNYEGEfCAgcQIxiwAhgnmAMAiAYBkAYKkgcDMS4yoAekHQ&amp;sclient=gws-wiz-serp\" target=\"_blank\" rel=\"noopener\">Cybersecurity Journalist<br \/>\n<\/a>Published in Collaboration with <a href=\"https:\/\/securuscomms.com\" target=\"_blank\" rel=\"noopener\">SECURUS Communications<\/a><br \/>\n<a href=\"https:\/\/www.google.com\/search?q=NCSC+on+Passkeys+vs+Passwords%3A+What+UK+SMEs+Must+Do+to+Cut+Phishing+%26+Account+Takeover&amp;rlz=1C1AJCO_enES1193ES1194&amp;oq=NCSC+on+Passkeys+vs+Passwords%3A+What+UK+SMEs+Must+Do+to+Cut+Phishing+%26+Account+Takeover+&amp;gs_lcrp=EgZjaHJvbWUyBggAEEUYOTIGCAEQRRg80gEJMTIzN2owajE1qAIIsAIB8QVDl3_pJePY0PEFQ5d_6SXj2NA&amp;sourceid=chrome&amp;ie=UTF-8\" target=\"_blank\" rel=\"noopener\">Google Indexed on: 160126 at 09:15 CET<\/a><br \/>\n<a href=\"https:\/\/SMECyberInsights.co.uk\" target=\"_blank\" rel=\"noopener\">SMECyberInsights.co.uk<\/a> | <a href=\"https:\/\/www.google.com\/search?q=sme+cybersecurity+news&amp;rlz=1C1FKPE_enES1123ES1124&amp;oq=&amp;gs_lcrp=EgZjaHJvbWUqCQgAECMYJxjqAjIJCAAQIxgnGOoCMg8IARAjGCcY6gIYgAQYigUyCQgCECMYJxjqAjIJCAMQIxgnGOoCMg8IBBAuGCcYrwEYxwEY6gIyCQgFECMYJxjqAjIJCAYQIxgnGOoCMg8IBxAjGCcY6gIYgAQYigXSAQkyMTI2ajBqMTWoAgiwAgHxBS3gPpZWnp6m&amp;sourceid=chrome&amp;ie=UTF-8\" target=\"_blank\" rel=\"noopener\">First for SME Cybersecurity News<br \/>\n<\/a><em><span class=\"NormalTextRun SCXW38690482 BCX0\" data-ccp-parastyle=\"No Spacing\">#SMECyberInsights #CyberSafe #<\/span><span class=\"NormalTextRun SCXW38690482 BCX0\" data-ccp-parastyle=\"No Spacing\">NCSC\u00a0<\/span><span class=\"NormalTextRun SCXW38690482 BCX0\" data-ccp-parastyle=\"No Spacing\">#SME #SmallBusiness #CyberSecurity #Passkeys #Passwordless #Phishing<\/span><\/em><\/p>\n<p><span data-mce-type=\"bookmark\" style=\"width: 0px;overflow: hidden;line-height: 0\" class=\"mce_SELRES_start\">\ufeff<\/span><span data-mce-type=\"bookmark\" style=\"width: 0px;overflow: hidden;line-height: 0\" class=\"mce_SELRES_start\">\ufeff<\/span><\/p>\n<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-3866539b elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"3866539b\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-2d3dff6\" data-id=\"2d3dff6\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-52e1c88e elementor-widget elementor-widget-wp-widget-text\" data-id=\"52e1c88e\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"wp-widget-text.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t<div class=\"textwidget\"><p><span data-contrast=\"auto\">Passkeys are quickly becoming the UK\u2019s \u201cnew normal\u201d for sign-in, and the NCSC has been increasingly clear about its preference for them over passwords. For SMEs, this\u00a0isn\u2019t\u00a0a tech fad\u2014it\u2019s\u00a0a direct response to the attacks that hit small businesses hardest: phishing, credential stuffing, and account takeover. The opportunity is simple:\u00a0<\/span><b><span data-contrast=\"auto\">reduce breach risk while making login easier for staff<\/span><\/b><span data-contrast=\"auto\">\u2014if you roll it out in a controlled way.<\/span><span data-ccp-props=\"{&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559740&quot;:240}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">Why this matters now.<\/span><\/b><span data-ccp-props=\"{&quot;134233117&quot;:true,&quot;201341983&quot;:0,&quot;335559739&quot;:240,&quot;335559740&quot;:240}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">Passkeys are\u00a0<\/span><b><span data-contrast=\"auto\">phishing-resistant sign-ins<\/span><\/b><span data-contrast=\"auto\">\u00a0that replace passwords with device-based cryptography (often using Face ID, fingerprint, or a device PIN). That matters because most SME breaches still begin with stolen or reused credentials.<\/span><span data-ccp-props=\"{&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559740&quot;:240}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">Key benefits and risks for SMEs:<\/span><span data-ccp-props=\"{&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559740&quot;:240}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">* Cuts phishing impact<\/span><\/b><span data-contrast=\"auto\">\u202fbecause\u00a0there\u2019s\u00a0no password to steal and reuse.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559738&quot;:120,&quot;335559739&quot;:120,&quot;335559740&quot;:240}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">* Reduces credential stuffing<\/span><\/b><span data-contrast=\"auto\">\u202f(attackers testing leaked passwords at scale).<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559738&quot;:120,&quot;335559739&quot;:120,&quot;335559740&quot;:240}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">* Lowers helpdesk load<\/span><\/b><span data-contrast=\"auto\">\u202ffrom password resets and lockouts.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559738&quot;:120,&quot;335559739&quot;:120,&quot;335559740&quot;:240}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">* Improves user experience<\/span><\/b><span data-contrast=\"auto\">\u202f(faster sign-in, fewer prompts).<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559738&quot;:120,&quot;335559739&quot;:120,&quot;335559740&quot;:240}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">* Introduces new operational considerations<\/span><\/b><span data-contrast=\"auto\">\u202f(device loss, onboarding, recovery).<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559738&quot;:120,&quot;335559739&quot;:120,&quot;335559740&quot;:240}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">Authoritative insight (what the NCSC is getting at)<\/span><\/b><span data-ccp-props=\"{&quot;134233117&quot;:true,&quot;201341983&quot;:0,&quot;335559739&quot;:240,&quot;335559740&quot;:240}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">The NCSC\u2019s public guidance in recent years has consistently pushed organisations towards\u00a0<\/span><b><span data-contrast=\"auto\">phishing-resistant MFA<\/span><\/b><span data-contrast=\"auto\">\u00a0and modern authentication approaches that reduce dependence on shared secrets (passwords). Passkeys align with that strategy because they are built on\u00a0<\/span><b><span data-contrast=\"auto\">FIDO2\/WebAuthn<\/span><\/b><span data-contrast=\"auto\">, which uses public-key cryptography rather than a password database.<\/span><span data-ccp-props=\"{&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559740&quot;:240}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">In plain English:<\/span><span data-ccp-props=\"{&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559740&quot;:240}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">* A\u202f<\/span><b><span data-contrast=\"auto\">password<\/span><\/b><span data-contrast=\"auto\">\u202fis a secret you know and can accidentally reveal.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559738&quot;:120,&quot;335559739&quot;:120,&quot;335559740&quot;:240}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">* A\u202f<\/span><b><span data-contrast=\"auto\">passkey<\/span><\/b><span data-contrast=\"auto\">\u202fis a cryptographic credential tied to a legitimate website\/app, so\u00a0it\u2019s\u00a0far harder to trick people into handing it over to a fake login page.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559738&quot;:120,&quot;335559739&quot;:120,&quot;335559740&quot;:240}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">This also matches what major platform providers and identity ecosystems are doing: rolling out passkeys as a default\u00a0option\u00a0to reduce phishing and account compromise.<\/span><span data-ccp-props=\"{&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559740&quot;:240}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">Who, what, when, where, why (SME version):<\/span><\/b><span data-ccp-props=\"{&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559740&quot;:240}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">* Who:<\/span><\/b><span data-contrast=\"auto\">\u202fSMEs, managed service providers (MSPs), IT leads, directors.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559738&quot;:120,&quot;335559739&quot;:120,&quot;335559740&quot;:240}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">* What:<\/span><\/b><span data-contrast=\"auto\">\u202fReplace or reduce passwords using passkeys (plus sensible controls).<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559738&quot;:120,&quot;335559739&quot;:120,&quot;335559740&quot;:240}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">* When:<\/span><\/b><span data-contrast=\"auto\">\u202fNow\u2014phishing and credential theft are daily, automated threats.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559738&quot;:120,&quot;335559739&quot;:120,&quot;335559740&quot;:240}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">* Where:<\/span><\/b><span data-contrast=\"auto\">\u202fEmail, Microsoft 365\/Google Workspace, finance apps, CRM, admin portals.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559738&quot;:120,&quot;335559739&quot;:120,&quot;335559740&quot;:240}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">* Why:<\/span><\/b><span data-contrast=\"auto\">\u202fStolen credentials remain the cheapest route into small businesses.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559738&quot;:120,&quot;335559739&quot;:120,&quot;335559740&quot;:240}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">SME-specific impact (why smaller firms feel this first)<\/span><\/b><span data-ccp-props=\"{&quot;134233117&quot;:true,&quot;201341983&quot;:0,&quot;335559739&quot;:240,&quot;335559740&quot;:240}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">SMEs often have constraints that make password-heavy security especially risky:<\/span><span data-ccp-props=\"{&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559740&quot;:240}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">* Lean IT teams<\/span><\/b><span data-contrast=\"auto\">\u202fmean less capacity to\u00a0monitor\u00a0for suspicious sign-ins.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559738&quot;:120,&quot;335559739&quot;:120,&quot;335559740&quot;:240}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">* High SaaS reliance<\/span><\/b><span data-contrast=\"auto\">\u202fexpands the attack surface across many logins.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559738&quot;:120,&quot;335559739&quot;:120,&quot;335559740&quot;:240}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">* Shared accounts and weak offboarding<\/span><\/b><span data-contrast=\"auto\">\u202f(common in small teams) create lingering access.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559738&quot;:120,&quot;335559739&quot;:120,&quot;335559740&quot;:240}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">* Limited MFA maturity<\/span><\/b><span data-contrast=\"auto\">\u202f(e.g., SMS-only) leaves gaps against modern phishing.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559738&quot;:120,&quot;335559739&quot;:120,&quot;335559740&quot;:240}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">* Tighter cashflow<\/span><\/b><span data-contrast=\"auto\">\u202fmakes breach recovery (downtime, incident response, reputational harm) disproportionately painful.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559738&quot;:120,&quot;335559739&quot;:120,&quot;335559740&quot;:240}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">Passkeys can help precisely because they reduce the \u201chuman factor\u201d exposure that attackers exploit.<\/span><span data-ccp-props=\"{&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559740&quot;:240}\">\u00a0<\/span><\/p>\n<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-3d949009 elementor-widget elementor-widget-image\" data-id=\"3d949009\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img loading=\"lazy\" width=\"2048\" height=\"1365\" src=\"https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2026\/01\/keys-arrangement-studio_compressed-2048x1365.jpg\" class=\"attachment-2048x2048 size-2048x2048 wp-image-26071\" alt=\"NCSC on Passkeys vs Passwords: What UK SMEs Must Do to Cut Phishing &amp; Account Takeover\" srcset=\"https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2026\/01\/keys-arrangement-studio_compressed-2048x1365.jpg 2048w, https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2026\/01\/keys-arrangement-studio_compressed-300x200.jpg 300w, https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2026\/01\/keys-arrangement-studio_compressed-1024x683.jpg 1024w, https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2026\/01\/keys-arrangement-studio_compressed-768x512.jpg 768w, https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2026\/01\/keys-arrangement-studio_compressed-1536x1024.jpg 1536w\" sizes=\"auto, (max-width: 2048px) 100vw, 2048px\" loading=\"lazy\" decoding=\"async\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-1169dab0 elementor-widget elementor-widget-wp-widget-text\" data-id=\"1169dab0\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"wp-widget-text.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t<div class=\"textwidget\"><p><b><span data-contrast=\"auto\">Upside &amp; downside analysis<\/span><\/b><span data-ccp-props=\"{&quot;134233117&quot;:true,&quot;201341983&quot;:0,&quot;335559739&quot;:240,&quot;335559740&quot;:240}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">Upside\u00a0<\/span><\/b><b><span data-contrast=\"auto\">\u2705<\/span><\/b><b><span data-contrast=\"auto\">\u00a0(security + operational gains)<\/span><\/b><span data-ccp-props=\"{&quot;134233117&quot;:true,&quot;201341983&quot;:0,&quot;335559739&quot;:240,&quot;335559740&quot;:240}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">Passkeys can deliver measurable improvements for SMEs:<\/span><span data-ccp-props=\"{&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559740&quot;:240}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">* Phishing resistance:<\/span><\/b><span data-contrast=\"auto\">\u202fPasskeys are bound to the legitimate domain, so fake sites\u00a0can\u2019t\u00a0easily harvest usable credentials.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559738&quot;:120,&quot;335559739&quot;:120,&quot;335559740&quot;:240}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">* Fewer reused credentials:<\/span><\/b><span data-contrast=\"auto\">\u202fNo more \u201cSummer2026!\u201d across multiple systems.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559738&quot;:120,&quot;335559739&quot;:120,&quot;335559740&quot;:240}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">* Better user adoption:<\/span><\/b><span data-contrast=\"auto\">\u202fStaff\u00a0generally prefer\u00a0biometrics\/device prompts to memorising complex passwords.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559738&quot;:120,&quot;335559739&quot;:120,&quot;335559740&quot;:240}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">* Reduced password reset overhead:<\/span><\/b><span data-contrast=\"auto\">\u202fLess time lost to lockouts and resets.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559738&quot;:120,&quot;335559739&quot;:120,&quot;335559740&quot;:240}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">* Stronger baseline for compliance:<\/span><\/b><span data-contrast=\"auto\">\u202fWhile no single control guarantees compliance, passkeys support stronger access control and reduced unauthorised access risk\u2014useful for UK GDPR security expectations.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559738&quot;:120,&quot;335559739&quot;:120,&quot;335559740&quot;:240}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">SEO keyword variants naturally aligned here:\u00a0<\/span><i><span data-contrast=\"auto\">passkeys for business,\u00a0passwordless\u00a0authentication UK, phishing-resistant MFA, FIDO2\/WebAuthn, account takeover prevention.<\/span><\/i><span data-ccp-props=\"{&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559740&quot;:240}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">Downside\u00a0<\/span><\/b><b><span data-contrast=\"auto\">\u26a0\ufe0f<\/span><\/b><b><span data-contrast=\"auto\">\u00a0(trade-offs SMEs must manage)<\/span><\/b><span data-ccp-props=\"{&quot;134233117&quot;:true,&quot;201341983&quot;:0,&quot;335559739&quot;:240,&quot;335559740&quot;:240}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">Passkeys\u00a0aren\u2019t\u00a0magic; implementation matters:<\/span><span data-ccp-props=\"{&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559740&quot;:240}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">* Device dependency &amp; recovery:<\/span><\/b><span data-contrast=\"auto\">\u202fIf a device is lost or replaced, you need robust account recovery processes.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559738&quot;:120,&quot;335559739&quot;:120,&quot;335559740&quot;:240}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">* Mixed ecosystems:<\/span><\/b><span data-contrast=\"auto\">\u202fSome legacy apps\u00a0won\u2019t\u00a0support passkeys yet, requiring hybrid authentication.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559738&quot;:120,&quot;335559739&quot;:120,&quot;335559740&quot;:240}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">* Admin access complexity:<\/span><\/b><span data-contrast=\"auto\">\u202fPrivileged\/admin accounts need extra thought (e.g., hardware keys, separate secure devices, break-glass accounts).<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559738&quot;:120,&quot;335559739&quot;:120,&quot;335559740&quot;:240}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">* Change management:<\/span><\/b><span data-contrast=\"auto\">\u202fStaff onboarding\/offboarding and acceptable use policies must reflect passkey use.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559738&quot;:120,&quot;335559739&quot;:120,&quot;335559740&quot;:240}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">* Central visibility:<\/span><\/b><span data-contrast=\"auto\">\u202fYou still need identity monitoring (sign-in logs, conditional access) because attackers pivot in other ways (token theft, MFA fatigue, session hijack).<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559738&quot;:120,&quot;335559739&quot;:120,&quot;335559740&quot;:240}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">Quick action steps (SME-ready checklist)<\/span><\/b><span data-ccp-props=\"{&quot;134233117&quot;:true,&quot;201341983&quot;:0,&quot;335559739&quot;:240,&quot;335559740&quot;:240}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">1. Audit your highest-risk accounts<\/span><\/b><span data-contrast=\"auto\">\u202f(email, finance, payroll, admin portals) and prioritise those for passkeys or phishing-resistant MFA.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559738&quot;:120,&quot;335559739&quot;:120,&quot;335559740&quot;:240}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">2. Enable passkeys where your IdP supports them<\/span><\/b><span data-contrast=\"auto\">\u202f(e.g., Microsoft\/Google\/SSO provider) and start with a pilot group.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559738&quot;:120,&quot;335559739&quot;:120,&quot;335559740&quot;:240}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">3. Keep strong fallback controls<\/span><\/b><span data-contrast=\"auto\">: require an\u00a0additional\u00a0secure factor for recovery and admin changes; avoid SMS where possible.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559738&quot;:120,&quot;335559739&quot;:120,&quot;335559740&quot;:240}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">4. Harden privileged access<\/span><\/b><span data-contrast=\"auto\">: separate admin accounts, enforce least privilege, and consider\u202f<\/span><b><span data-contrast=\"auto\">hardware security keys<\/span><\/b><span data-contrast=\"auto\">\u202ffor administrators.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559738&quot;:120,&quot;335559739&quot;:120,&quot;335559740&quot;:240}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">5. Write a simple recovery playbook<\/span><\/b><span data-contrast=\"auto\">: lost device process, identity verification steps, and who approves re-enrolment.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559738&quot;:120,&quot;335559739&quot;:120,&quot;335559740&quot;:240}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">6. Update joiner\/leaver processes<\/span><\/b><span data-contrast=\"auto\">\u202fso passkeys and devices are issued, managed, and removed cleanly.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559738&quot;:120,&quot;335559739&quot;:120,&quot;335559740&quot;:240}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">7. Monitor sign-ins and set alerts<\/span><\/b><span data-contrast=\"auto\">\u202ffor impossible travel, new device enrolment, repeated failures, and risky legacy authentication.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559738&quot;:120,&quot;335559739&quot;:120,&quot;335559740&quot;:240}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">Looking ahead (what to expect next)<\/span><\/b><span data-ccp-props=\"{&quot;134233117&quot;:true,&quot;201341983&quot;:0,&quot;335559739&quot;:240,&quot;335559740&quot;:240}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">Passwordless\u00a0is moving from \u201cinnovative\u201d to \u201cexpected\u201d,\u00a0and the NCSC\u2019s preference for passkeys reflects that reality:\u00a0<\/span><b><span data-contrast=\"auto\">attackers industrialise password theft, so defenders must reduce the value of stealing passwords altogether<\/span><\/b><span data-contrast=\"auto\">. For SMEs, the winners will be those who treat passkeys as part of an identity security programme\u2014policy, recovery, monitoring\u2014not just a toggle in settings.<\/span><span data-ccp-props=\"{&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559740&quot;:240}\">\u00a0<\/span><\/p>\n<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-93c0f64 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"93c0f64\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-33 elementor-top-column elementor-element elementor-element-7188c3a\" data-id=\"7188c3a\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-70c0d6d elementor-widget elementor-widget-image\" data-id=\"70c0d6d\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t<figure class=\"wp-caption\">\n\t\t\t\t\t\t\t\t\t\t\t<a href=\"https:\/\/securuscomms.com\" target=\"_blank\" rel=\"noopener\">\n\t\t\t\t\t\t\t<img loading=\"lazy\" width=\"300\" height=\"251\" src=\"https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2025\/11\/Securus_Working_300x250-300x251.png\" class=\"attachment-medium size-medium wp-image-25726\" alt=\"SECURUS Communications\" srcset=\"https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2025\/11\/Securus_Working_300x250-300x251.png 300w, https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2025\/11\/Securus_Working_300x250.png 527w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" loading=\"lazy\" decoding=\"async\" \/>\t\t\t\t\t\t\t\t<\/a>\n\t\t\t\t\t\t\t\t\t\t\t<figcaption class=\"widget-image-caption wp-caption-text\"><\/figcaption>\n\t\t\t\t\t\t\t\t\t\t<\/figure>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t<div class=\"elementor-column elementor-col-66 elementor-top-column elementor-element elementor-element-d501aa5\" data-id=\"d501aa5\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-5ac13e2 elementor-widget elementor-widget-wp-widget-text\" data-id=\"5ac13e2\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"wp-widget-text.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t<div class=\"textwidget\"><p><strong>SECURUS Communications Ltd<\/strong><\/p>\n<p><strong><a href=\"https:\/\/securuscomms.com\" target=\"_blank\" rel=\"noopener\">Securus<\/a> <\/strong>is a managed communications Operator, providing next-generation network infrastructure and value added services to Managed Hosting providers and the &#8216;cloud generation&#8217;\u200b of enterprises. <strong><a href=\"https:\/\/securuscomms.com\" target=\"_blank\" rel=\"noopener\">Securus<\/a> <\/strong>priority is to offer communication services that represent excellent value for money and are backed by exceptional levels of support.<\/p>\n<p><strong>Contact Securus<\/strong><br \/>\nSecurus Communications Ltd<br \/>\nStation Road, Landmark house, Hook, England RG27 9HA, GB<br \/>\nT: Enquiries:\u00a0<a id=\"ember907\" class=\"link-without-visited-state ember-view\" href=\"tel:03451 283457\" target=\"_blank\" rel=\"noopener noreferrer\" data-artdeco-is-focused=\"true\"><span class=\"link-without-visited-state\" dir=\"ltr\" aria-hidden=\"true\">03451 283457<\/span><\/a>\u00a0| Service Desk: <a href=\"tel:03451 283458\">03451 283458<\/a><br \/>\nSecurus on <a href=\"https:\/\/www.linkedin.com\/company\/securus-communications-ltd\/\" target=\"_blank\" rel=\"noopener\">LinkedIn<\/a> | Securus on <a href=\"https:\/\/x.com\/SecurusComms\">&#8220;X&#8221;<\/a> | <a href=\"https:\/\/www.securuscomms.com\" target=\"_blank\" rel=\"noopener\">https:\/\/securuscomms.com<\/a><\/p>\n<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t<div class=\"elementor-element elementor-element-4809d2f3 e-flex e-con-boxed e-con e-parent\" data-id=\"4809d2f3\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-51d16e0d elementor-grid-3 elementor-grid-tablet-2 elementor-grid-mobile-1 elespare-section-title-elespare-left elementor-widget elementor-widget-post-grid\" data-id=\"51d16e0d\" data-element_type=\"widget\" data-e-type=\"widget\" data-settings=\"{&quot;columns&quot;:&quot;3&quot;,&quot;columns_tablet&quot;:&quot;2&quot;,&quot;columns_mobile&quot;:&quot;1&quot;}\" data-widget_type=\"post-grid.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elespare-widget-title-section title-style-2 elespare-left\">\n\t\t\t\t<h2 class=\"elespare-widget-title\">\n\t\t\t\t\t<span class=\"elespare-section-title-before\"><\/span>\n\t\t\t\t\t<span class=\"elespare-section-title\">Latest  Posts from SECURUS Communications<\/span>\n\t\t\t\t\t<span class=\"elespare-section-title-after\"><\/span>\n\t\t\t\t<\/h2>\n\t\t\t<\/div>    <div class=\"elespare-grid-wrap grid-layout has-background  elespare-has-equal-height\">\n\n      <div class=\"elespare-posts-wrap  elementor-grid grid-style-1  elespare-image-zoom elespare-light \">\n                    <div class=\"elespare-posts-grid-post-items\">\n\n              <div class=\"elespare-img-wrapper\">\n                \n      <a href=\"https:\/\/smecyberinsights.co.uk\/index.php\/2026\/01\/21\/ai-powered-fraud-in-2026\/\" aria-label=\"AI-Powered Fraud Is Rising: What Ping\u2019s Keyless Deal Signals for UK SME Login Security\u00a0\">\n        <img loading=\"lazy\" width=\"300\" height=\"200\" src=\"https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2026\/01\/fraud-8509836_1280-300x200.jpg\" class=\"attachment-medium size-medium wp-post-image\" alt=\"AI-Powered Fraud Is Rising: What Ping\u2019s Keyless Deal Signals for UK SME Login Security\" srcset=\"https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2026\/01\/fraud-8509836_1280-300x200.jpg 300w, https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2026\/01\/fraud-8509836_1280-1024x683.jpg 1024w, https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2026\/01\/fraud-8509836_1280-768x512.jpg 768w, https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2026\/01\/fraud-8509836_1280.jpg 1280w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" loading=\"lazy\" decoding=\"async\" \/>      <\/a>\n\n    \n                <ul class='elespare-cat-links solid'><li class=\"elespare-meta-category\">\n                      <a class=\"elespare-categories\" href=\"https:\/\/smecyberinsights.co.uk\/index.php\/category\/ai\/\" aria-label=\"View all posts in AI category\">\n                      \n                        AI\n                      <\/a>\n                  <\/li><\/ul>              <\/div>\n              <div class=\"elespare-content-wrapper\">\n                                \n    <h3 class=\"elespare-post-title\">\n      <a href=\"https:\/\/smecyberinsights.co.uk\/index.php\/2026\/01\/21\/ai-powered-fraud-in-2026\/\"> <span>AI-Powered Fraud Is Rising: What Ping\u2019s Keyless Deal Signals for UK SME Login Security\u00a0<\/span><\/a>\n    <\/h3>\n          <div class=\"elespare-metadata\">\n                  <span class=\"post-author\">\n            <a href=\"\">\n                              <i class=\"demo-icon elespare-icons-user-circle-regular\" aria-hidden=\"true\"><\/i>\n                                        <\/a>\n          <\/span>\n                          <span class=\"elespare-posts-full-post-author\">\n            <a href=\"https:\/\/smecyberinsights.co.uk\/index.php\/2026\/\">\n              <i class=\"demo-icon elespare-icons-clock-regular\" aria-hidden=\"true\"><\/i>\n              January 21, 2026\n            <\/a>\n          <\/span>\n                          <span class=\"comment_count\">\n            <i class=\"demo-icon elespare-icons-comment-empty\"><\/i>\n            0          <\/span>\n              <\/div>\n\n              <\/div>\n            <\/div>\n                    <div class=\"elespare-posts-grid-post-items\">\n\n              <div class=\"elespare-img-wrapper\">\n                \n      <a href=\"https:\/\/smecyberinsights.co.uk\/index.php\/2026\/01\/15\/ai-aids-compliance\/\" aria-label=\"AI &amp; Compliance for UK SMEs (2025): Cut GDPR Risk, Speed Audits &amp; Win Customer Trust\u00a0\">\n        <img loading=\"lazy\" width=\"300\" height=\"210\" src=\"https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2026\/01\/ai-powered-cybersecurity-biometric-authentication_compressed-300x210.jpg\" class=\"attachment-medium size-medium wp-post-image\" alt=\"AI &amp; Compliance for UK SMEs (2025): Cut GDPR Risk, Speed Audits &amp; Win Customer Trust\" srcset=\"https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2026\/01\/ai-powered-cybersecurity-biometric-authentication_compressed-300x210.jpg 300w, https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2026\/01\/ai-powered-cybersecurity-biometric-authentication_compressed-1024x717.jpg 1024w, https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2026\/01\/ai-powered-cybersecurity-biometric-authentication_compressed-768x538.jpg 768w, https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2026\/01\/ai-powered-cybersecurity-biometric-authentication_compressed.jpg 1291w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" loading=\"lazy\" decoding=\"async\" \/>      <\/a>\n\n    \n                <ul class='elespare-cat-links solid'><li class=\"elespare-meta-category\">\n                      <a class=\"elespare-categories\" href=\"https:\/\/smecyberinsights.co.uk\/index.php\/category\/compliance\/\" aria-label=\"View all posts in COMPLIANCE category\">\n                      \n                        COMPLIANCE\n                      <\/a>\n                  <\/li><li class=\"elespare-meta-category\">\n                      <a class=\"elespare-categories\" href=\"https:\/\/smecyberinsights.co.uk\/index.php\/category\/cyberinsights\/\" aria-label=\"View all posts in SMECYBERIINSIGHTS category\">\n                      \n                        SMECYBERIINSIGHTS\n                      <\/a>\n                  <\/li><\/ul>              <\/div>\n              <div class=\"elespare-content-wrapper\">\n                                \n    <h3 class=\"elespare-post-title\">\n      <a href=\"https:\/\/smecyberinsights.co.uk\/index.php\/2026\/01\/15\/ai-aids-compliance\/\"> <span>AI &amp; Compliance for UK SMEs (2025): Cut GDPR Risk, Speed Audits &amp; Win Customer Trust\u00a0<\/span><\/a>\n    <\/h3>\n          <div class=\"elespare-metadata\">\n                  <span class=\"post-author\">\n            <a href=\"\">\n                              <i class=\"demo-icon elespare-icons-user-circle-regular\" aria-hidden=\"true\"><\/i>\n                                        <\/a>\n          <\/span>\n                          <span class=\"elespare-posts-full-post-author\">\n            <a href=\"https:\/\/smecyberinsights.co.uk\/index.php\/2026\/\">\n              <i class=\"demo-icon elespare-icons-clock-regular\" aria-hidden=\"true\"><\/i>\n              January 15, 2026\n            <\/a>\n          <\/span>\n                          <span class=\"comment_count\">\n            <i class=\"demo-icon elespare-icons-comment-empty\"><\/i>\n            0          <\/span>\n              <\/div>\n\n              <\/div>\n            <\/div>\n                    <div class=\"elespare-posts-grid-post-items\">\n\n              <div class=\"elespare-img-wrapper\">\n                \n      <a href=\"https:\/\/smecyberinsights.co.uk\/index.php\/2026\/01\/12\/sme-cyber-threats-rise\/\" aria-label=\"AI Cyber Threats Surge for UK SMEs: Inside the New Safety Platform, Stark Stats and Defence Steps\u00a0\">\n        <img loading=\"lazy\" width=\"300\" height=\"204\" src=\"https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2026\/01\/risk-gamble-opportunity-swot-weakness-unsure-concept_compressed-300x204.jpg\" class=\"attachment-medium size-medium wp-post-image\" alt=\"AI Cyber Threats Surge for UK SMEs: Inside the New Safety Platform, Stark Stats and Defence Steps\" srcset=\"https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2026\/01\/risk-gamble-opportunity-swot-weakness-unsure-concept_compressed-300x204.jpg 300w, https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2026\/01\/risk-gamble-opportunity-swot-weakness-unsure-concept_compressed-1024x695.jpg 1024w, https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2026\/01\/risk-gamble-opportunity-swot-weakness-unsure-concept_compressed-768x521.jpg 768w, https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2026\/01\/risk-gamble-opportunity-swot-weakness-unsure-concept_compressed-1536x1043.jpg 1536w, https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2026\/01\/risk-gamble-opportunity-swot-weakness-unsure-concept_compressed-2048x1390.jpg 2048w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" loading=\"lazy\" decoding=\"async\" \/>      <\/a>\n\n    \n                <ul class='elespare-cat-links solid'><li class=\"elespare-meta-category\">\n                      <a class=\"elespare-categories\" href=\"https:\/\/smecyberinsights.co.uk\/index.php\/category\/cyberthreat-intel\/\" aria-label=\"View all posts in SME CYBER\/THREAT INTEL category\">\n                      \n                        SME CYBER\/THREAT INTEL\n                      <\/a>\n                  <\/li><li class=\"elespare-meta-category\">\n                      <a class=\"elespare-categories\" href=\"https:\/\/smecyberinsights.co.uk\/index.php\/category\/cyberinsights\/\" aria-label=\"View all posts in SMECYBERIINSIGHTS category\">\n                      \n                        SMECYBERIINSIGHTS\n                      <\/a>\n                  <\/li><\/ul>              <\/div>\n              <div class=\"elespare-content-wrapper\">\n                                \n    <h3 class=\"elespare-post-title\">\n      <a href=\"https:\/\/smecyberinsights.co.uk\/index.php\/2026\/01\/12\/sme-cyber-threats-rise\/\"> <span>AI Cyber Threats Surge for UK SMEs: Inside the New Safety Platform, Stark Stats and Defence Steps\u00a0<\/span><\/a>\n    <\/h3>\n          <div class=\"elespare-metadata\">\n                  <span class=\"post-author\">\n            <a href=\"\">\n                              <i class=\"demo-icon elespare-icons-user-circle-regular\" aria-hidden=\"true\"><\/i>\n                                        <\/a>\n          <\/span>\n                          <span class=\"elespare-posts-full-post-author\">\n            <a href=\"https:\/\/smecyberinsights.co.uk\/index.php\/2026\/\">\n              <i class=\"demo-icon elespare-icons-clock-regular\" aria-hidden=\"true\"><\/i>\n              January 12, 2026\n            <\/a>\n          <\/span>\n                          <span class=\"comment_count\">\n            <i class=\"demo-icon elespare-icons-comment-empty\"><\/i>\n            0          <\/span>\n              <\/div>\n\n              <\/div>\n            <\/div>\n                    <div class=\"elespare-posts-grid-post-items\">\n\n              <div class=\"elespare-img-wrapper\">\n                \n      <a href=\"https:\/\/smecyberinsights.co.uk\/index.php\/2026\/01\/09\/sme-cyber-threats-2026\/\" aria-label=\"UK SME Cyber Threats 2026: The Straight-Talking Guide to Phishing, Ransomware &amp; Fraud\u00a0\">\n        <img loading=\"lazy\" width=\"300\" height=\"200\" src=\"https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2026\/01\/css-collage-concept-300x200.jpg\" class=\"attachment-medium size-medium wp-post-image\" alt=\"UK SME Cyber Threats 2026: The Straight-Talking Guide to Phishing, Ransomware &amp; Fraud\" srcset=\"https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2026\/01\/css-collage-concept-300x200.jpg 300w, https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2026\/01\/css-collage-concept-1024x683.jpg 1024w, https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2026\/01\/css-collage-concept-768x512.jpg 768w, https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2026\/01\/css-collage-concept.jpg 1252w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" loading=\"lazy\" decoding=\"async\" \/>      <\/a>\n\n    \n                <ul class='elespare-cat-links solid'><li class=\"elespare-meta-category\">\n                      <a class=\"elespare-categories\" href=\"https:\/\/smecyberinsights.co.uk\/index.php\/category\/cyberthreat-intel\/\" aria-label=\"View all posts in SME CYBER\/THREAT INTEL category\">\n                      \n                        SME CYBER\/THREAT INTEL\n                      <\/a>\n                  <\/li><li class=\"elespare-meta-category\">\n                      <a class=\"elespare-categories\" href=\"https:\/\/smecyberinsights.co.uk\/index.php\/category\/cyberinsights\/\" aria-label=\"View all posts in SMECYBERIINSIGHTS category\">\n                      \n                        SMECYBERIINSIGHTS\n                      <\/a>\n                  <\/li><\/ul>              <\/div>\n              <div class=\"elespare-content-wrapper\">\n                                \n    <h3 class=\"elespare-post-title\">\n      <a href=\"https:\/\/smecyberinsights.co.uk\/index.php\/2026\/01\/09\/sme-cyber-threats-2026\/\"> <span>UK SME Cyber Threats 2026: The Straight-Talking Guide to Phishing, Ransomware &amp; Fraud\u00a0<\/span><\/a>\n    <\/h3>\n          <div class=\"elespare-metadata\">\n                  <span class=\"post-author\">\n            <a href=\"\">\n                              <i class=\"demo-icon elespare-icons-user-circle-regular\" aria-hidden=\"true\"><\/i>\n                                        <\/a>\n          <\/span>\n                          <span class=\"elespare-posts-full-post-author\">\n            <a href=\"https:\/\/smecyberinsights.co.uk\/index.php\/2026\/\">\n              <i class=\"demo-icon elespare-icons-clock-regular\" aria-hidden=\"true\"><\/i>\n              January 9, 2026\n            <\/a>\n          <\/span>\n                          <span class=\"comment_count\">\n            <i class=\"demo-icon elespare-icons-comment-empty\"><\/i>\n            0          <\/span>\n              <\/div>\n\n              <\/div>\n            <\/div>\n                    <div class=\"elespare-posts-grid-post-items\">\n\n              <div class=\"elespare-img-wrapper\">\n                \n      <a href=\"https:\/\/smecyberinsights.co.uk\/index.php\/2026\/01\/06\/lastpass-heavily-fined-by-ico\/\" aria-label=\"Password Manager Fined After Major Data Breach: What UK SMEs Must Learn from the LastPass Case\">\n        <img loading=\"lazy\" width=\"300\" height=\"194\" src=\"https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2026\/01\/subscribe-3534409_1280-300x194.jpg\" class=\"attachment-medium size-medium wp-post-image\" alt=\"Password Manager Fined After Major Data Breach: What UK SMEs Must Learn from the LastPass Case\" srcset=\"https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2026\/01\/subscribe-3534409_1280-300x194.jpg 300w, https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2026\/01\/subscribe-3534409_1280-1024x661.jpg 1024w, https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2026\/01\/subscribe-3534409_1280-768x496.jpg 768w, https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2026\/01\/subscribe-3534409_1280.jpg 1280w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" loading=\"lazy\" decoding=\"async\" \/>      <\/a>\n\n    \n                <ul class='elespare-cat-links solid'><li class=\"elespare-meta-category\">\n                      <a class=\"elespare-categories\" href=\"https:\/\/smecyberinsights.co.uk\/index.php\/category\/data-protection\/\" aria-label=\"View all posts in DATA PROTECTION category\">\n                      \n                        DATA PROTECTION\n                      <\/a>\n                  <\/li><li class=\"elespare-meta-category\">\n                      <a class=\"elespare-categories\" href=\"https:\/\/smecyberinsights.co.uk\/index.php\/category\/managed-security\/\" aria-label=\"View all posts in MANAGED SECURITY category\">\n                      \n                        MANAGED SECURITY\n                      <\/a>\n                  <\/li><\/ul>              <\/div>\n              <div class=\"elespare-content-wrapper\">\n                                \n    <h3 class=\"elespare-post-title\">\n      <a href=\"https:\/\/smecyberinsights.co.uk\/index.php\/2026\/01\/06\/lastpass-heavily-fined-by-ico\/\"> <span>Password Manager Fined After Major Data Breach: What UK SMEs Must Learn from the LastPass Case<\/span><\/a>\n    <\/h3>\n          <div class=\"elespare-metadata\">\n                  <span class=\"post-author\">\n            <a href=\"\">\n                              <i class=\"demo-icon elespare-icons-user-circle-regular\" aria-hidden=\"true\"><\/i>\n                                        <\/a>\n          <\/span>\n                          <span class=\"elespare-posts-full-post-author\">\n            <a href=\"https:\/\/smecyberinsights.co.uk\/index.php\/2026\/\">\n              <i class=\"demo-icon elespare-icons-clock-regular\" aria-hidden=\"true\"><\/i>\n              January 6, 2026\n            <\/a>\n          <\/span>\n                          <span class=\"comment_count\">\n            <i class=\"demo-icon elespare-icons-comment-empty\"><\/i>\n            0          <\/span>\n              <\/div>\n\n              <\/div>\n            <\/div>\n                    <div class=\"elespare-posts-grid-post-items\">\n\n              <div class=\"elespare-img-wrapper\">\n                \n      <a href=\"https:\/\/smecyberinsights.co.uk\/index.php\/2025\/12\/19\/fake-booking-scam\/\" aria-label=\"Malwarebytes Warns Seasonal Travellers of RAT Infection from Fake Booking.com Scam Sites\">\n        <img loading=\"lazy\" width=\"300\" height=\"170\" src=\"https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2025\/12\/rat-walking-sewage_compressed-300x170.jpg\" class=\"attachment-medium size-medium wp-post-image\" alt=\"Malwarebytes Warns Seasonal Travellers of RAT Infection from Fake Booking.com Scam Sites\" srcset=\"https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2025\/12\/rat-walking-sewage_compressed-300x170.jpg 300w, https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2025\/12\/rat-walking-sewage_compressed-1024x580.jpg 1024w, https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2025\/12\/rat-walking-sewage_compressed-768x435.jpg 768w, https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2025\/12\/rat-walking-sewage_compressed-1536x870.jpg 1536w, https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2025\/12\/rat-walking-sewage_compressed-2048x1161.jpg 2048w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" loading=\"lazy\" decoding=\"async\" \/>      <\/a>\n\n    \n                <ul class='elespare-cat-links solid'><li class=\"elespare-meta-category\">\n                      <a class=\"elespare-categories\" href=\"https:\/\/smecyberinsights.co.uk\/index.php\/category\/managed-security\/\" aria-label=\"View all posts in MANAGED SECURITY category\">\n                      \n                        MANAGED SECURITY\n                      <\/a>\n                  <\/li><\/ul>              <\/div>\n              <div class=\"elespare-content-wrapper\">\n                                \n    <h3 class=\"elespare-post-title\">\n      <a href=\"https:\/\/smecyberinsights.co.uk\/index.php\/2025\/12\/19\/fake-booking-scam\/\"> <span>Malwarebytes Warns Seasonal Travellers of RAT Infection from Fake Booking.com Scam Sites<\/span><\/a>\n    <\/h3>\n          <div class=\"elespare-metadata\">\n                  <span class=\"post-author\">\n            <a href=\"\">\n                              <i class=\"demo-icon elespare-icons-user-circle-regular\" aria-hidden=\"true\"><\/i>\n                                        <\/a>\n          <\/span>\n                          <span class=\"elespare-posts-full-post-author\">\n            <a href=\"https:\/\/smecyberinsights.co.uk\/index.php\/2025\/\">\n              <i class=\"demo-icon elespare-icons-clock-regular\" aria-hidden=\"true\"><\/i>\n              December 19, 2025\n            <\/a>\n          <\/span>\n                          <span class=\"comment_count\">\n            <i class=\"demo-icon elespare-icons-comment-empty\"><\/i>\n            0          <\/span>\n              <\/div>\n\n              <\/div>\n            <\/div>\n              <\/div>\n    <\/div>\n    \t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>Image Credit: Freepik Latest Posts from SECURUS Communications AI AI-Powered Fraud Is Rising: What Ping\u2019s&#8230;<\/p>\n","protected":false},"author":1,"featured_media":26071,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"cybocfi_hide_featured_image":"yes","footnotes":""},"categories":[14],"tags":[806],"ppma_author":[505],"class_list":["post-26070","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cyberinsights","tag-passkeysvpasswords"],"featured_image_urls":{"full":["https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2026\/01\/keys-arrangement-studio_compressed-scaled.jpg",2560,1707,false],"thumbnail":["https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2026\/01\/keys-arrangement-studio_compressed-150x150.jpg",150,150,true],"medium":["https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2026\/01\/keys-arrangement-studio_compressed-300x200.jpg",300,200,true],"medium_large":["https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2026\/01\/keys-arrangement-studio_compressed-768x512.jpg",640,427,true],"large":["https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2026\/01\/keys-arrangement-studio_compressed-1024x683.jpg",640,427,true],"1536x1536":["https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2026\/01\/keys-arrangement-studio_compressed-1536x1024.jpg",1536,1024,true],"2048x2048":["https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2026\/01\/keys-arrangement-studio_compressed-2048x1365.jpg",2048,1365,true],"covernews-featured":["https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2026\/01\/keys-arrangement-studio_compressed-1024x683.jpg",1024,683,true],"covernews-medium":["https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2026\/01\/keys-arrangement-studio_compressed-540x340.jpg",540,340,true]},"author_info":{"display_name":"Cybersecurity Journalist Iain Fraser","author_link":false},"category_info":"<a href=\"https:\/\/smecyberinsights.co.uk\/index.php\/category\/cyberinsights\/\" rel=\"category tag\">SMECYBERIINSIGHTS<\/a>","tag_info":"SMECYBERIINSIGHTS","comment_count":"0","authors":[{"term_id":505,"user_id":1,"is_guest":0,"slug":"admin_yjdstq4n","display_name":"Cybersecurity Journalist Iain Fraser","avatar_url":{"url":"https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2024\/10\/index_image440-removebg-preview.png","url2x":"https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2024\/10\/index_image440-removebg-preview.png"},"0":null,"1":"","2":"","3":"","4":"","5":"","6":"","7":"","8":""}],"_links":{"self":[{"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/posts\/26070","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/comments?post=26070"}],"version-history":[{"count":16,"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/posts\/26070\/revisions"}],"predecessor-version":[{"id":27122,"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/posts\/26070\/revisions\/27122"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/media\/26071"}],"wp:attachment":[{"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/media?parent=26070"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/categories?post=26070"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/tags?post=26070"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/ppma_author?post=26070"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}