Password is gone and Passkey is came
Passkey. A digital authentication tool that can be used instead of passwords. It allows you to log into a website account without entering a username, password or additional authentication.
Many websites. Multiple accounts. Usernames and passwords for everything. Remember these words? Creating something new every time it is forgotten. Sometimes it seems like a big farce. Annoying. That’s why big tech companies are turning their attention to an internet world without passwords. Apple has already introduced passkeys as an alternative to passwords with the iOS 16 update. Recently Google also announced passkey support for developers in Android and Chrome. What about passkeys as a secure alternative to passwords?
Passkey. A digital authentication tool that can be used instead of passwords. It allows you to log into a website account without entering a username, password or additional authentication. It is directly linked to the user account.. website or application. So it is expected to be an easy, secure alternative to passwords. Biometric sensor like fingerprint, facial recognition, etc. can sign in with PIN or patterns. This eliminates the need to manage passwords. Google says it’s as easy as the auto filling password form.
How to create?
To create a passkey, you have to register on the respective websites and apps first. Later some rules should be followed while signing into them.
* Go to the application/website.
* Click on Sign in button.
* After that select passkey.
* The login process should be completed with the help of device screen unlock.
* Currently only available to developers. It should be noted that it will take some time to become available to all.
Synchronize with different devices
It is noteworthy that passkeys are not limited to any operating system like Android and iOS. The passkeys stored on the phone can be used whenever logging in on the laptop. There is no need to synchronize the passkeys with the laptop. For this, it is enough to have the phone close to the laptop. If you approve the sign-in on the phone, you can also log in on the respective websites on the laptop. For example- suppose you visit a website on a Chromebook. Assume that you have already logged into the website on the iOS device and created a passkey. You can log in with the same passkey on the Chromebook. Approving the passkey on the iOS device is sufficient. In Chrome on an Android device, passkeys are stored in Google Password Manager. Passkeys sync between Android devices signed in with the same Google account.
How safe is it?
Google says Passkeys are very secure. Explains that it protects well from phishing attacks. Because Passkeys are standardized, once you start using them, you can have a password-free experience across browsers and operating systems. Moreover, passkeys use public cryptography. Hence data breach is reduced by 30%. When we create a passkey with any website or app it generates a public-private key pair on our device. Only the public key is stored on the site. This is of no use to attackers. Because authentication is complete only when paired with the private key. Attackers cannot derive the private key from the data stored on the server. Even if the phone is lost, the passkeys stored in it and the PC will be connected through the cloud.