The Google It has kept its promise and is already executing account logins without having to constantly enter the password, using only private keys or pass keys, based on facial and fingerprint recognition systems. An option available from today onwards Android s Chrome.
Technology is making this change to enhance the security of users. Google claims that access keys are a “more secure alternative to passwords and other authentication factors.” “It cannot be reused, it does not leak on hacking servers, and it protects users from hacking attacks. phishing‘, explains the company in a file Articles for developers.
passwords
User security improvements
Access keys follow familiar UX patterns and build on the existing password autofill experience. It’s not a new format for users, rather it’s similar to using a saved password today, where they simply confirm using their existing device’s screen lock, like their fingerprint. All data is safe, because it is securely synced through Google Password Manager.
Read also
In addition, users can use the access keys stored on their phones to log into apps and websites on other nearby devices, without having to constantly confirm the password. This way, a user with an Android device can log into their account from the Mac browser, Safari, just like an iPhone owner can log into Chrome using the password saved in iOS.
Access keys follow patterns based on the current password autofill experience
Thus, the company adheres to the announcement it made a few months ago, when it indicated that it was paving the way for a system based on access tokens based on the proposals of the FIDO Alliance (Fast Identity Online).
This alliance, to which some of the most important technology companies belong, seeks to create new secure standards for managing digital services and plans to abandon traditional systems, such as passwords or two-factor authentication.
Read also
The Google
How do passkeys work?
This system of private keys or pass keys It has no ambiguity. As Google explains, for the end user, creating a passkey requires only two steps: confirm your passkey account information and provide your fingerprint, face, or screen lock when prompted.
In the case of logging in, it is not too complicated either. First, the user chooses the account they want to log into. Then, you just have to provide your fingerprint, face, or screen lock when prompted.
Google Passkeys will not be available to all users for a few months
The manufacturer indicated that developers can now create access keys compatible Android apps or Chrome websites through the WebAuthn API. To do this, they have to sign up for the Google Play Services beta and use Chrome Canary.
However, the final landing will take place in the coming months. The company expects that both features (key sync and cross-platform compatibility) will be generally available on stable channels later this year.
Read also
protection
Google is ahead of Apple
In terms of security, all tech companies are on the same path. It should be remembered that Apple also announced this summer that it will introduce a new authentication function on iPhone, iPad, and Mac with which you can sign in to compatible websites using TouchID or FaceID. Therefore, the California-based company said pass keys At the end of the year they will arrive on these devices with a preview inside iCloud Keychain.
“Beer enthusiast. Subtly charming alcohol junkie. Wannabe internet buff. Typical pop culture lover.”