How to Use Passkeys in Google Chrome and Android
These passkeys use public key cryptography. So if they are involved in a data breach, without your face or fingerprint they are useless to bad actors. Likewise, if your laptop or phone is stolen, you won’t be able to access your accounts because you won’t be around to provide the necessary authentication.
This isn’t just a Google initiative. Organizations like the FIDO Alliance and the W3C Web Authentication Group are also working diligently towards a passwordless future, so you can use these systems on any device, whether it’s from Google, Apple, Microsoft or any other hardware manufacturer.
Set up and use passkeys
The good news is that using passkeys is as easy as unlocking your phone – it’s designed to be as easy as possible. You can switch to a Passkey system for your accounts, but only if the app you’re signing into and the device you’re using have been updated with Passkey support.
Let’s say Google has finished Passkey support for Android, you log into an app that has been updated to use Passkeys, and you said yes when prompted to switch from a default password. You’ll then be prompted to create a passkey, which means you’ll need to perform the same action you need to take to unlock your phone – show your face, press your fingerprint, or enter a PIN. This creates the passkey and authenticates the connection between the app in question and the device in your hand. Whenever you need to log into this app in the future, you will have to go through the same unlocking process. As with passwords, the duration of authentication varies: your banking app usually requires you to log in every time, while a social media account often requires one login per device.
You can also log into websites on your computer from your phone through the magic of a QR code. A QR code will appear on the website, which you scan with your phone. Once you go through the unlocking process on your mobile device, your identity will be verified and you will be logged into the website.
Encrypted syncing between devices is also handled – Google Password Manager, for example, adds support for passkeys. So if you lose access to a device, you can still access your accounts from another device or from the cloud, as long as you are able to provide the required authentication (and you have your fingerprints or her face not changed).