Google has rolled out a new feature called “Passkeys,” which is designed to eventually replace traditional passwords. Passkeys are a type of two-factor authentication (2FA) that allows users to sign in to their accounts using their mobile devices instead of a password.
The Passkeys feature uses a combination of biometrics, such as face or fingerprint recognition, and an on-device security key, which is a physical security token that can be used to authenticate the user’s identity. This means that even if a hacker were to obtain the user’s password, they would still need physical access to the user’s mobile device to gain access to the account.
Also Read: Google Authenticator finally syncs one-time codes in the cloud
Since the dawn of the internet (and computing in general), password-based authentication has become the norm. However, the system has severe security flaws, including the possibility that hackers may steal your password or deceive you into providing it through phishing attacks.
The passkey system relies on a separate paradigm that leverages cryptographic keys kept on devices used for account authentication in order to specifically combat phishing assaults.
Passkey standards were originally created by the FIDO Alliance, a security collaboration with several IT companies as members. Passkeys are now a reality thanks to efforts from Microsoft, Apple, and Google. Apple made its passkey option available with the launch of iOS 16, enabling users to use this feature across applications, including Apple Wallet.
In October 2022, support for Passkey was made available on Google Chrome and Android devices. Today, Gmail and Drive are also able to use the feature. Password selection is notoriously difficult for people. However, adding even a single special character or alphanumeric string won’t provide complete security against malicious users.
In contrast, passkeys are typically regarded as being more secure than alternative methods, with Google even describing them as “resistant to online attacks like phishing.”
Google will still offer two-factor authentication and passwords as additional account access methods. Through end-to-end encrypted services like iCloud Keychain and Google Password Manager, Passkeys can sync between your devices.
Also Read: Google TV now has over 800 ad-supported free channels
Another option is to create a QR code on a device that is signed into your Google account, which will identify another device where you want to log in and then set up passkeys on numerous devices using that code.
Passkeys are part of Google’s broader effort to move away from passwords and toward more secure authentication methods. The company has also developed other 2FA options, such as the Google Authenticator app and Google Prompt, which sends a notification to the user’s mobile device asking them to approve the login attempt.
I am a law graduate from NLU Lucknow. I have a flair for creative writing and hence in my free time work as a freelance content writer.