Revolutionizing Online Security: How Tech Titans like Apple, Google, and Microsoft are Combining Ease and Safety with Passkeys, Foiling Phishing Scams.
.
Google has taken a giant step in encouraging the use of authentication technology that aims to fix the limitations of passwords. The search engine giant now allows users to log into their Google accounts using passkeys. Passkeys are cryptographic security-based, and they connect your login privileges to your phone or computer, using biometric authentication steps like facial recognition and fingerprints. The technology was developed by Apple, Google, Microsoft, and other industry players to make online authentication both secure and effortless.
Google already supports passkeys on its Chrome browser and Android phone software. However, it is now official that you can use the technology to log into Google websites. For now, passkeys can work alongside other authentication methods, including passwords and hardware security keys, allowing users to try out the technology without necessarily replacing the existing methods.
Passkeys present an opportunity for secure and effortless authentication that could eventually replace passwords entirely. Given the millions of people who use Google's services, including YouTube, Gmail, and Workspace, the introduction of passkey support on Google platforms is a major moment for this technology. According to two Google executives overseeing the project, Christiaan Brand and Sriram Karra, passkeys are the beginning of the end for passwords.
Passkeys are designed to sidestep the limitations of passwords. Users often pick easily guessable passwords that are easy for hackers to crack, and they reuse these passwords across multiple accounts, exposing them to credential-stuffing attacks. Passkeys are anchored on cryptographic standards that protect e-commerce transactions and network communications, repurposed for authentication by the Fast Identity Online Alliance. This group started with hardware security keys, a robust mainstream authentication technology that it repackaged as passkeys to make it simpler and more affordable to use.
Google's support for passkeys comes after a few sites beat it to the game. eBay, PayPal, Shopify, and DocuSign are among the companies that already offer passkey login. Passkey authentication credentials are set up to work with an app or website's service, and the actual authentication happens locally on the user's device, which eliminates the risk of phishing attempts trying to get users to share their credentials or sensitive information with fake websites.
While passkeys are still anchored to specific tech ecosystems, the FIDO Alliance, which developed the technology, is working on technology to allow users to import and export passkeys. Password managers like Bitwarden, LastPass, Dashlane, and 1Password are active at the FIDO Alliance, working on technology that will enable users to switch between ecosystems.
The use of passkeys eliminates the vulnerabilities of traditional passwords and multifactor authentication, making the creation of new phishing-resistant and passwordless accounts effortless. Dashlane, for instance, has already incorporated the technology and now allows users to log into its password manager using a passkey instead of a master password.
0 Comments