How to Use Passkeys on Android and Google Chrome

by admin

Google wants to make your digital life more secure and password-free within its ecosystem.

Illustration courtesy of Andrii ONUFRIYENKO/GETTY IMAGES

You’re in the right place if you’re curious about what it means that Google just announced that passkey support is coming to both the Android operating system and the Google Chrome web browser. Passkeys, which are meant to be more secure, are simply a replacement for passwords. You log into your numerous digital accounts, like Google, Twitter, Dropbox, and others, using them instead of traditional passwords.

You do not receive a real key. To confirm you are who you say you are for the sake of logging in, some sort of unlocking mechanism—typically facial recognition or fingerprint recognition, or just a PIN code—is utilised.

But switching over does not simply involve hitting a button. Because passkey support must also be included into apps and websites, Google posted the announcement on its Android Developers Blog.

The action is a part of a larger industry push toward a password-free future; you may have seen Microsoft taking similar action. Passwords are not required of users, and hackers cannot steal any passwords.

How Passkeys Function

A passkey, in the words of Google, “identifies a specific user account on some online site.” A cryptographic private key is at the core of it, and it is saved on the hardware you use. Your identity is then verified by comparing this to a public key held by the digital services you are logging into.

You’ll need to unlock your phone or computer to confirm that it’s actually you. On a phone, this typically entails entering a PIN code or allowing your face or fingerprint to be scanned. On computers, you can still use a password to confirm your identity, but the industry is constantly shifting toward biometric authentication.

You don’t actually need to see the passkey or understand what it is; you just need to be yourself. It’s considerably easier and more convenient because your face or fingerprint takes the place of the lengthy list of passwords you could have written down on a Post-it note.

These passkeys employ public-key encryption, rendering them useless to hackers without your face or your fingerprint in the event of a data breach. Similar to this, your accounts cannot be accessed if your phone or laptop are taken because you won’t be present to provide the required authentication.

This effort is not exclusive to Google. You will be able to use these systems on any device, whether it is produced by Google, Apple, Microsoft, or any other hardware manufacturer, as groups like the FIDO Alliance and the W3C Web Authentication group are actively working toward a future without passwords.

Configuring and Utilizing Passkeys

The good news is that utilising passkeys is as simple as unlocking your phone because it was designed to be that simple. Only until the app you’re connecting into and the device you’re using have been updated with passkey compatibility will you be given the option of switching your accounts over to a passkey system.

Consider the following scenario: Google has completed the rollout of passkey support for Android, you are signing in to an app that has been upgraded to accept passkeys, and you have selected to switch from a regular password by selecting “yes” when prompted. The next step is to generate a passkey, which entails performing the same action you use to unlock your phone—displaying your face, placing a finger on the screen, or entering a PIN. By doing so, the passkey is generated and the connection between the app in question and the device in your hand is verified. You will have to repeat the unlock procedure each time you need to log in to that app in the future. The duration of that authentication will differ, just like with passwords: While you often need to log in to your banking app each time, social media accounts typically only require one login per device.

A QR code will work its magic to let you access websites on your PC from your phone. When you scan the QR code on the website with your phone and complete the mobile device unlock process, your identity is verified and you are logged in to the website.

In case you lose access to one device, you can still access your accounts from another one or from the cloud, provided you are able to provide the required authentication (and you haven’t changed your fingerprints or face in the interim). For example, Google Password Manager is adding support for passkeys.

Even better WIRED stories

  • 📩 Updates on science, technology, and other topics: Download our newsletters!
  • Part two of the pursuit of the largest kingpin on the dark web
  • Artists, don’t be afraid of AI image producers.
  • The internet’s most vulnerable location
  • Age of Empires was released 25 years ago. It’s being shaped by fans
  • Would you exchange your vacation time for money?
  • Utilize our new database to explore AI in a whole new way.
  • 🏃🏽‍♀️ Want the greatest resources to improve your health? See our Gear team’s recommendations for the top activity trackers, running accessories (such shoes and socks), and headphones.

Related Posts

Leave a Comment