Over the last one and half decade, smartphones have become very integral and an extension of our lives, so much so that most people won't even leave home without it. The convenience of owning a phone is unparallel among consumer electronics. You can order food, hail a taxi, file income returns, exchange pleasantries (in the form of videos/voice/messages), and transact cash in a few simple taps on the touchscreen.
However, for every online account, users have to register with a username and password. Most of them, to make it easier to remember them, reuse the same credentials and this has the risk of getting lost. Even if one account gets compromised through phishing techniques by cyber criminals, other accounts too will be under threat and people have to pay big time.
Even though there are dedicated apps to store usernames and passwords, they too are vulnerable to data breaches and the loss of millions of users' details.
To thwart such threats, earlier in the year, major technology firms such as Google, Apple, and Microsoft jointly announced to work together to bring a more secure login process and even end the need for passwords altogether.
In October, Google set the ball rolling by inviting independent developers and the public to test the passkey feature for Android and Chrome devices.
What is Passkey?
In simple terms, a Passkey is a short user ID alternative for a particular online account. There is no need to remember any complex alphanumeric passwords or an answer to the trick question either.
Users just have to go to their desired website and the phone/desktop knows the owner's user ID and auto-fills it for authentication (see the animation below), he/she just has to use their on-device security feature such as fingerprint or the FaceID or the phone's lock screen PIN to log in.
And, on a desktop device, users can choose to use a passkey from the companion mobile device and, since passkeys are built on industry standards, you can use either an Android or iOS device. It is similar to how you can open WhatsApp on the desktop browser by scanning the on-screen QR code through the phone with a registered primary account.
Google also noted that the passkeys will be securely synced through Google Password Manager or, in future versions of Android, any other password manager that supports passkeys.
And, it is added that the passkeys don't leave the mobile device when signing in like this. Only a securely generated code is exchanged with the site so, unlike a password, there's nothing that could be leaked.
This is a seamless smooth process and is said to be the most secure authentication system. There will be no threat of people losing password details even if they have an account on the website, which gets hacked or data breached. The cybercriminal won't get any access to the account except for the user name and nothing else.
Now, the search engine giant has officially released the new update to the Chrome browser (M108 series) that brings the passkey feature to Android and to desktops with Windows 11 and macOS. It is being rolled out through an update and it may take a few days to reach around the world.
It should be noted that the new Passkeys feature is compliant with global standards set by World Wide Web Consortium (W3C) and the FIDO (Fast ID Online) Alliance.
And, Google will continue to work with partners including Apple and Microsoft to further improve the security standards, as digital security is an ever-evolving space.
Apple and Microsoft are slated to bring the Passkey-like feature to their devices in 2023. And, the process will have a similar user interface across all platforms so that there is no confusion for consumers with different branded devices.
Get the latest news on new launches, gadget reviews, apps, cybersecurity, and more on personal technology only on DH Tech.