Tech giant Google has finally started rolling out passkey support in Chrome with stable build 108, for better security. These are intended to replace the traditional passwords.
After announcing the end of passwords on Chrome a few weeks ago, Google is finally starting to roll out passkeys to its internet browser. In effect, Google Chrome update 108 finally supports passkeyswhich are considered future replacements for passwords.
What are Passkeys?
For those who don’t know, Passkeys are unique digital keys that are easy to use, but above all more secure than passwords. These are not stored on a web server, but locally on your device. Passkeys are therefore digitally encrypted credentials linked to an application or web account.
To log in with a passkey, users will need to authenticate the same way they unlock a device. Thus, if you wish for example to connect to one of your accounts on Google Chrome, it will now be possible to do so thanks to biometric authentication. In other words, you just have to use your face with Face ID or your fingerprint instead of writing down a traditional password.
Passkeys can therefore be likened to two-factor authentication. When you want to log in to your account on a new device, such as a computer, you will need to prove your identity using your main device: your smartphone. As you can already do for example by accepting a payment on your online banking application, you will need to use the fingerprint registered in your smartphone to log in to your accounts on Google Chrome.
Passkeys will put an end to hacks
While passwords can be used insecurely with short text strings shared across many sites, a passkey should always be unique in content and secure in length.
Despite the need for strong passwords, some Internet users still prefer the simplest character strings. In 2022, “123456” still tops the list of most used passwords on the planet, as does the phrase “password” itself. However, the basic rule remains to choose a password that hackers are unlikely to guess.
If a server is breached, the hacker does not get your private key and it is not a security issue as a password leak would be. Passkeys can’t be hacked, and because they require your phone to be physically present, it’s impossible for a hacker to take control of one of your accounts.
To note that passkeys are synchronized via Google Password Manager (or any other supported credential manager) on Android. Once saved, the new option will appear automatically during logins. Chrome for Android simply asks if you want ” Use saved password or passkey “, the latter requiring biometric authentication (face or fingerprint).
On Windows, passkeys will be saved to Windows Hello, and on iOS and macOS, to the Keychain app. Some of these platforms allow synchronization of keys between devices, others do not. Indeed, signing in to an Apple device should sync your passkey access to other Apple devices via iCloud, and the same goes for Android via a Google account. However, it will not work on Windows, Linux or Chrome OS.
