No more passwords? Google touts passkeys for an easier future
Mountain View, California – Having to remember different passwords for all your apps and websites can be a pain. Google has now introduced an alternative for its accounts that looks set to make logging in a much simpler affair, though the feature still has a long way to go.
Now that Google has enabled passwordless authentication for its user accounts, let's take a look at what that actually means.
The technology used is called passkeys. It is based on the Fido 2 security standard and not vulnerable to phishing attacks, according to Google.
The company describes a passkey as "a digital credential, tied to a user account and a website or application."
At the heart of passwordless authentication is the so-called public key cryptography with two key pairs. One private key is stored by the user. The other - public - key is stored by the service provider, in this case Google.
After creating a passkey for your Google account, you can in future log in by simply selecting that passkey without having to provide a username and a password anymore.
To make sure only you can use the key, you will then be asked to unlock your device with a biometric sensor like a fingerprint or facial recognition, a PIN code or a pattern, which you can use for all passwordless logins.
How does Google passkey work?
You can use passkeys across different devices and operating systems. If you want to enable passkeys for your Google account, you have to enable the function in the account settings. In addition, your browser and, if applicable, the operating system also have to support passkeys.
According to Google Identity, "passkeys are intended to be used through operating system infrastructure that allows passkey managers to create, backup, and make passkeys available to the applications running on that operating system."
Google has been implementing the feature on Chrome for some time. The same applies to Android (from version 9), where the passkeys are stored in the Google Password Manager. The program also allows you to synchronize your passkeys between different Android devices which are signed into the same Google account.
Passkeys are also supported by Microsoft for Windows and by Apple for macOS and iOS. Here, logging into your Google account becomes somewhat more complex, however.
Passkeys created on iOS devices or in Safari on macOS, for example, are stored in the iCloud keychain. Chrome used on Windows saves passkeys in Windows Hello. Passkeys created in Chrome on Android end up - as already mentioned - in the Google Password Manager.
In the future, however, it should be possible to synchronize passkeys across devices and operating systems without difficulty. Google even promises that Android users will be able to use third-party apps for passkey management in the future.
However, the supported environments are still under development.
Google also recently announced it is expanding its smartphone business with a new foldable model and the arrival of its own AI chatbot Bard, continuing to expand its offerings.
Cover photo: Collage: IMAGO / Panthermedia & ZUMA Press