Technology uses smartphone authentication and promises to be the new login security standard
Google started this week testing for the use of passkeys on Android and Chrome . This new technology promises to increase users’ cybersecurity by eliminating the “human factor” in creating passwords and using cellular authentication for users to access their accounts.
In May, Google, Microsoft and Apple announced a partnership to improve technology that eliminates the use of passwords for logins. The three companies promise that all their services will support passkeys from 2023. Google’s tests are compatible with MacOS and Windows systems, as authentication is done by Chrome, but it is still necessary to use an Android smartphone.
Passkeys: the traditional QR Codes and biometrics for a secure login
To some, a world without passwords may sound “futuristic”. However, Google’s passkey technology , also called passwordless (“no passwords” in direct translation), uses already known methods to ensure a secure login: QR Code and biometrics.
Android smartphone users who want to test passkey will need to opt-in to this type of login in supported services.
After accessing a compatible service, the first step in using the passkey is to associate it with an account. Once this is done, it will be necessary to use biometrics, facial recognition or other cell phone unlocking method to authenticate access.
:format(webp)/https%3A%2F%2Flh3.googleusercontent.com%2F5F0EDdfA2W1u36N2ssGFR_oQXNzwmAOolQEwPEeKy0q0Uzj95tG4ufv8FvY93Nc7z-m6cPy-V4KPIWdYAwrrIUnZM2d9CaLiDDy0ss5pkuyGtsgjTaLtCHRlcqzZjR8lzkDLZimeABrh3V2MD6lRpITL3DmGwCAQmayqpRsUU4m2wyRyFea64ejZ3Q)
To log in, simply click on the account you want to log in and use the authentication method chosen earlier.
:format(webp)/https%3A%2F%2Flh5.googleusercontent.com%2FqncQW9mbpq17AGic_rLeChKyN6e3u7cZISJN8hE_brpszK1YQtQp7Pw3noAjMycvMuv--1fJEjXdJ00Yxk1vWSooETsjg5430QGz72K4RFIgWc0Z4FD8VdABd05YyEQc29n86REaYtjOEUSTKlqXuH0iFu55KgMwrU_RKIwJ1Wd3-S3N8KI7Zz7z3w)
For desktops and laptops, the user will need, in addition to the Chrome browser, a smartphone — at the moment, only Android phones allow you to create a passkey for Safari and Chrome, regardless of whether it is installed on MacOS or Windows.
Passkey -compatible sites will display a QR Code for the user to receive a code on their smartphone . The reading of the QR Code will be carried out by the cell phone’s own camera — dispensing with the use of Google Auth.
:format(webp)/https%3A%2F%2Ffiles.tecnoblog.net%2Fwp-content%2Fuploads%2F2022%2F10%2Fgroup-26085211.png?resize=341%2C272&ssl=1)
Adeus ao phishing?
One of the security advantages of the passwordless login method is to protect users from phishing scams . This practice consists of creating a fake website for the victim to enter the password of a very important account, a classic example is internet banking .
With the login done by a passkey , the password is always updated , so the cybercriminal will not be able to rely on the passwords stored through your fake website. In addition, with more services adopting the method, password leaks would affect fewer users – a salvation for those who often use the same password for multiple accounts.