Fed up of remembering too many passwords? Google has a solution to your problems
Instead of requiring a password to get into any website or app, users would now have the option to prove their identity using PINs or biometric authentication.
Google has released a new feature for Android and Google Chrome users to sign into different services without requiring individual passwords. The new feature called ‘Passkey’ will add additional security and become an easier alternative for traditional two-factor authentication method.
What is the passkey?
Developed by the World Wide Web Consortium (W3C) and the FIDO Alliance, Passkey is a password less sign-in option for users. Instead of requiring a password to access any website or app, users would now have the option to prove their identity using PINs or biometric authentication.
According to Google, when passkey is created, only the relevant public key is saved by the online service while the cryptographic private key exists only on the user’s devices. A signature from the private key is verified by the service at login using the public key, which can only originate from one of the user’s devices.
Additionally, to make it secure against exploitation after theft, this feature can only be used after the user unlocks his device or credential store.
How to set up a passkey?
This feature is currently available only for developers and Google is planning to release it for regular users only later in this year. However, once it is available, the Android smartphones users will be able to effortlessly establish a passkey.
To do so, they have to select a Google account, then verify using their registered fingerprint or face unlock to complete the procedure.
The passkey will be backed up to a cloud-based Google Password Manager. With this, when the user changes the device, encryption keys would securely get transferred to the new device.