Site icon News Update

Explained: What are passkeys and how Google wants to be free of passwords – Times of India

Aren’t there just too many passwords to remember? As necessary passwords are they can be quite irritating as well. For a while now, the bigwigs of tech town have been working on going password-less. Apple already with iOS 16 revealed that passkeys will make it easier for users to not use passwords but the implementation is still in works. And now Google has released an update to developers that will help them ditch passwords and use passkeys. Here we explain what are passkeys, how they will replace password and all other details.

What are passkeys?

According to Google, a passkey is a digital credential, which is directly tied to a user account and a website or application. With passkeys, users will not have to enter any sort of username, password or even use additional authentication factor. Google believes that passkeys are a safer and easier replacement for passwords. With passkeys, users can sign in to apps and websites with a biometric sensor (such as a fingerprint or facial recognition), PIN, or pattern, freeing them from having to remember and manage passwords. Further, Google says that the user experience can be “as simple as autofilling a password form.”


How to create a passkey?

For a passkey to work for any website or app, a user first must register with that website or application. The next time when users return to the website or app to sign in, they can take the following steps:

  1. Go to the application.
  2. Click Sign in.
  3. Select their passkey.
  4. Use the device screen unlock to complete the login.

Do keep in mind that Google is making this technology available for developers and it will take sometime before it reaches users.

How do passkeys work?

The best thing about passkeys is that they aren’t restricted to any particular operating system, say Android or iOS. Passkeys stored on phones can be used when logging into a laptop, even if the passkey is not synchronized to the laptop. For this to work, the phone has to be near the laptop and the user has to approve the sign-in on the phone.
Google explains this with the help of an example. Google explains how this’ll work. “For example, a user visits any website on their Chromebook. This user has previously logged into the same site on their iOS device and generated a passkey. On the Chromebook, the user chooses to sign in with a passkey from another device. The two devices will connect and the user will be prompted to approve the use of their passkey on the iOS device, e.g. with FaceID.”
On Chrome on Android, passkeys are stored in the Google Password Manager, which then “synchronises passkeys between the user’s Android devices that are signed into the same Google account,” explained Google.

How secure will passkeys be?

Very secure, as per Google, as it says passkeys provide robust protection against phishing attacks, unlike SMS or an app based one-time passwords. “Since passkeys are standardised, a single implementation enables a passwordless experience across different browsers and operating systems,” said Google in a blog post. Further, passkeys use public key cryptography which reduces the threat of potential data breaches. When a user creates a passkey with a site or application, this generates a public–private key pair on the user’s device. “Only the public key is stored by the site, but this alone is useless to an attacker. An attacker cannot derive the user’s private key from the data stored on the server, which is required to complete authentication,” explains Google.

For all the latest Technology News Click Here 

 For the latest news and updates, follow us on Google News

Read original article here

Denial of responsibility! NewsUpdate is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – abuse@newsupdate.uk. The content will be deleted within 24 hours.
Exit mobile version