The Google’s Chrome browser now supports passwords, a leak-proof version of passwords that a smartphone can use as a token to authorize browser users to access web pages. This means that it will soon be possible to forget about passwords in Chrome. Of course, it is not something that is going to happen overnight, because the pages have to activate the option that allows them to be compatible with passkeys, for which they have to request it. Therefore, we will have to wait a bit until this possibility is available on all pages, or at least on the most relevant ones.
The passwords are stored in Google Password Manager, Google’s password manager. Also in apps compatible with passkeys in future versions of Android. According to Google, Passkeys are enabled in the latest versions of Chrome for Windows 11, MacOS, and Android.
Although we have defined it as a version of passwords, passkey itself is not a password. It is a token that is stored on a compatible smartphone or desktop application. When an Internet user accesses a website in which they have to identify themselves, the token communicates with the website or app in which they have to identify themselves. No password is used, so there are no passwords stored. They are not exchanged either.
Furthermore, a passkey does not leave a smartphone or a computer when it is used to identify yourself to access an account. What it does is generate a code in a secure way, which is what is exchanged with the site that requests the identification. In this way, by not sharing a password, even encrypted, any element that could leak or fall into the hands of cybercriminals disappears. His arrival is part of an agreement that Apple, Google and Microsoft signed last May.
Of course, if they wish, on a mobile, users and visitors to a website can use a password stored in a password generator or use a passkey. Users will be able to authenticate their password with their lock screen, or more likely, with a fingerprint reader, like you do in your bank’s app.
To use a passkey on a desktop computer, the process is similar. It is likely that it can replace any password on a website. Here, however, there would be three possibilities: connect with Windows Hello using fingerprint or facial recognition, connect with a smartphone the same as when accessing from a mobile, or using a secure usb key.
