There’s a decent chance you’ve been using a fingerprint, face recognition, or PIN to login to your smartphone for ages. It’s quicker and simpler than entering a long, hard-to-remember and harder-to-type password.
Now you can sign into your Google Account the same way, because Google has announced it’s rolling out support for “passkeys.”
A Passkey is basically a system that lets you login to an app, website, or service without using a password. You use an app or device to generate a secure, unique passkey that’s stored locally on your smartphone or other device and which allows you to login thanks to public key encryption.
Passkeys are stored on your device and communicate with remote services using public key encryption. You can unlock a passkey with your face, fingerprint, or a PIN or master password. But you won’t need to remember unique passwords for every site you visit.
The upshot is that passkeys are considered more secure than passwords. Not only can the be more complex than a string of characters that you memorize, but since they’re not stored on a remote server they’re unlikely to end up in a hacker’s hands next time LastPass is breached.
If your passkey is on your phone, for example, a user could only use it to access your accounts if they have physical access to your phone. And if you enable biometric authentication, that means that someone who steals your phone wouldn’t be able to login without your face or fingerprint.
Google isn’t requiring users to switch to passkeys, but the company says they’re rolling out now as an option for users to secure their accounts, along with passwords and 2-step verification (which you can also continue to use).
Just out of curiousity, what backup options do they have in case your phone is lost/stolen/breaks?
Can you register more than one passkey? You know, have more than one device registered? That way maybe you could have it on a tablet that stays home and that way if something happens to your phone while out and about there’s a device you can use to get back into your accounts at home.
The first image offers “signing in with another phone or tablet” or “external security key”.
cant biometrics also be stolen? its just data.