Passkeys, or access keys, are the future of authentication, a future in which the big technology companies, such as Google, Apple and Microsoft, among others, have been working for a long time, in order to put an end to an element that has historically been key in access protection, but for years it has been shown to be insufficient in many circumstances. I mean, of course, passwords, and the multiple risks that are usually associated with them.
In case you don’t know what they consist of, A passkey is a digital credential linked to a user account and a website or application.. Passkeys allow users to authenticate themselves without having to enter a username, password, or provide any additional information. In this way, by eliminating the need for the user to enter their credentials, the plethora of risks that are usually associated with these processes is eliminated, from choosing weak passwords to falling for phishing attacks.
A passkey works in the following way: when an application or website asks you to register or identify yourself, your device allows you to create a passkey for that website or app, a process in which you will have to identify yourself using your fingerprint, your face or your PIN. That passkey is stored securely in Password Manager and is synced with the rest of the devices associated with your account. Later, when you want to log in, you only have to select the passkey and activate it with the biometric method or the PIN, whichever you have chosen.
As I indicated previously, Google is one of the technology companies most committed to the development of passkeys, and the most recent example of this is that Today they have started the deployment of passkey for access to Google accounts, as we can read on the company’s blog. For those users who wish to try it, access to configure a passkey on a device is carried out through g.co/passkey, a website that we will have to access from the device on which we want to be able to use it. The configuration of a new passkey is quite simple and, in addition, the process shows the necessary instructions to carry out each step.
Regarding compatibility, Google’s passkey implementation is compatible with Windows 10, macOS Ventura, and ChromeOS 109 or higher, and as regards browsers, we can use it with Google Chrome and Microsoft Edge 109, Safari 16 and, of course, later versions as well. And for those who want a higher level of security, using a hardware key to protect their access, it will be essential that it be compatible with FIDO2.
The passkey implementation does not mean, in the short term, the disappearance of passwords and 2FA means of accreditation. However, if we take a longer-term look, it is clear that big tech wants to do away with the password as an authentication system. Therefore, for now we can refrain from starting to use this system if we prefer, but this is a reminder that, in the medium term, and especially in the long term, we will end up having to take this step, whether we like it or not.
