About five months after Google added passkey support to its Chrome browser, the tech giant announced that Passwordless solution With your Google Account on all platforms.
Backed by the FIDO Alliance, Passkeys are a more secure way to sign in to apps and websites without traditional passwords. This can be accomplished simply by unlocking a computer or mobile device using biometrics (such as fingerprint or facial recognition) or a local PIN.
“Also, unlike passwords, passkeys are more resistant to online attacks such as phishing, making them more secure than things like SMS one-time codes,” Google said. I got it.
Once created, passkeys are stored locally on your device and are never shared with any other party. This eliminates the need to set up two-factor authentication as it proves that you can access and unlock the device.
Users can also create a passkey for all devices they use to log into their Google Account. This means that a passkey created on your iPhone can be used on any other device signed into the same iCloud account.
Both Google Password Manager and iCloud Keychain use end-to-end encryption to keep your passkey private so that if you lose access to your device, you will be locked out or your password will be stolen from one device to another. It’s worth pointing out that you can easily upgrade to other devices. .
Additionally, users can sign in to a new device or temporarily use a different device by selecting the “Use a passkey from another device” option. This authorizes one-time sign-in using your phone’s screen lock and proximity.
“The device then uses a small anonymous Bluetooth message to verify your phone is nearby and sets up an end-to-end encrypted connection to your phone over the internet,” the company says. says. explained.
Learn how to stop ransomware with real-time protection
Join our webinar to learn how real-time MFA and service account protection can stop ransomware attacks.
“The phone uses this connection to deliver a one-time passkey signature. This requires your authorization and a biometric or screen lock step on the phone. Neither the passkey itself nor the screen lock information is will not be sent to
While this may be “the beginning of the end of passwords,” the company says it intends to continue supporting existing login methods such as passwords and two-factor authentication for the foreseeable future.
Google also recommends that users do not create passkeys on devices shared with others. This is a move that can effectively undermine all security protections.
