Google brings passkey support to Chrome so you can ditch passwords
Passwords are a problem. They are difficult to remember, often easily guessed or cracked, and generally just a pain. Google is looking to help by adding secure, password-free login to Chrome 108 thanks to newly added passkey support.
The security feature is available to users of Windows 11, macOS and Android, and it follows a short period of beta testing. Backed by the likes of the FIDO Alliance, Microsoft, Apple, and -- of course -- Google, passkeys are a step away from the password managers so many of us have become reliant on.
See also:
- Google now lets you search tabs, bookmarks and browsing history from the address bar in Chrome
- You could soon be able to grab the Twitter handle of your dreams
- Microsoft gives some Windows 11 users early access to the new Snipping Tool screen recorder
Essentially a variant of 2FA, passkeys rely on you having a second device, such as your phone, to log into your computer. This means that rather than entering a password to access your PC, you will instead confirm your identity by scanning your fingerprint on your mobile. It's a simple idea, and one that serves as an alternative to other options such as USB security keys.
Writing about the new security feature in a blog post, Chrome product manager Ali Sarraf says:
You can use passkeys to sign into sites and apps that support them. Signing in with a passkey will require you to authenticate yourself in the same way that you unlock a device.
With the latest version of Chrome, we're enabling passkeys on Windows 11, macOS, and Android. On Android your passkeys will be securely synced through Google Password Manager or, in future versions of Android, any other password manager that supports passkeys.
Once you have a passkey saved on your device it can show up in autofill when you're signing in to help you be more secure.
On a desktop device you can also choose to use a passkey from your nearby mobile device and, since passkeys are built on industry standards, you can use either an Android or iOS device.
For those concerns about security, Google offers the follow reassurance:
A passkey doesn't leave your mobile device when signing in like this. Only a securely generated code is exchanged with the site so, unlike a password, there's nothing that could be leaked.
To give you control over your passkeys, from Chrome M108 you will be able to manage your passkeys from within Chrome on Windows and macOS.
There is far from universal support for passkeys at the moment, thanks to a slew of compatibility issues, but it is still very early days for the password replacer.
Google explains:
For passkeys to work, developers need to build passkey support on their sites using the WebAuthn API. We've been working with others in the industry, especially Apple and Microsoft, members within the FIDO Alliance and the W3C to drive secure authentication standards for years.
Our goal is to keep you as safe as possible on the web and we’re excited for what the passkeys future holds. Enabling passkeys to be used in Chrome is a major milestone, but our work is not done. It will take time for this technology to be widely adopted across sites
The company also points out that iOS and Chrome OS support is currently under development.
Image credit: fermate / depositphotos