Apple earlier last year introduced Passkeys and it was followed by Google earlier this year. However, now, Google is taking a step further and is introducing Passkeys as the default option for securing your accounts in place of a password. So here’s everything you need to know about the latest development.
What are Passkeys?
Passwords are the most common way to sign in to apps and websites, but they have many drawbacks. They can be hard to remember, easy to guess, or stolen by hackers. They also require users to type them in every time they want to access their accounts, which can be inconvenient and time-consuming.
On the other hand, a Passkey is a much easier way to unlock your account. A passkey is a FIDO credential stored on your computer or phone, and it is used to unlock your online accounts. It works using public key cryptography and proof that you own the credential is only shown to your online account when you unlock your phone.
Are passkeys more secure than passwords?
Passkeys are more secure than passwords because they are uniquely generated for every account by your own device, and are less vulnerable to phishing attacks. And they work on all your devices that are signed in to the same Google or Apple account.
How to use Passkeys?
To create a passkey for an app or website, you need a device that supports FIDO2, such as a laptop, desktop, smartphone, or tablet. You also need a supported browser, such as Chrome, Safari, or Edge. You can create passkeys on multiple devices, as long as they are signed in to the same Google or Apple account
Then, to sign into a website or app on your phone, you just unlock your phone, as now your account won’t need a Password anymore. Or if you’re trying to sign into a website on your computer, you just need your phone nearby and you’ll be prompted to unlock your phone, which in turn will grant you access on your computer.
When you sign in with a passkey, you simply tap the account name field on the sign-in screen and choose the suggested account name that appears. Then you use your device’s biometric features or screen lock to unlock the encrypted key.
What are Google & Apple doing with Passkeys?
Google and Apple have been promoting passkeys as a way to improve the security and convenience of online authentication. They claim that passkeys provide the strongest protection against threats like phishing, where hackers try to trick users into revealing their passwords by sending fake emails or websites.
Google and Apple have also been integrating passkeys into their own products and services. For example, Google has enabled passkeys for signing in to Google accounts on Chrome browsers and Android devices. Apple has enabled passkeys for signing in to iCloud accounts on Safari browsers and iOS devices.
Alongside Apple and Google, Microsoft is also a part of the alliance. “This joint effort to create a safer alternative to passwords is rooted in passkeys — and starting today, you can sign up for passkeys using the “skip password when possible” prompt in your Google account”, said Google in a blog post published on October 10, 2023.
Google wants its users to go completely Passwordless. As a result, it is now making passkeys even more accessible by offering them as the default option across personal Google Accounts. This means the next time you sign in to your account, you’ll start seeing prompts to create and use passkeys, simplifying your future sign-ins. Hence, the “Skip password when possible” prompt.
The brands have been urging other developers to integrate passkey support into their services and apps. The most recent additions to the list of apps which support passkeys include Uber and Ebay. Furthermore, WhatsApp is already working on Passkeys support and it is available to some users who are using the beta version of the app. “We’ll continue encouraging the industry to make the pivot to passkeys — making passwords a rarity, and eventually obsolete”, said Google.