SAN FRANCISCO, Calif. (AP) - Good news for password haters: Google is taking a major step to make them obsolete by adding a simple and secure method of logging into its services.
What are Passkeys?
Passkeys are a better alternative to passwords or confirmation codes sent via text message. They are never seen by the user; rather, online services like Gmail use them to communicate with trusted devices such as your computer or phone to log you into their service.
You can verify your identity by using your PIN code, biometrics like your fingerprints or face scans or an advanced physical security dongle.
Google has designed its passkeys so that they work on a wide range of devices. You can use them with iPhones, Macs, Windows computers, and Google's Android phones.
Why are Passkeys necessary?
Passwords are easy to hack or crack thanks to hackers' cleverness and the human fallibility. Making them more complicated will only encourage users to defeat themselves.
Easy-to-remember passwords are easy to hack. Years ago, an analysis of password caches revealed that the most popular password was "password123." NordPass, a password manager, conducted a more recent study that found the most common password to be 'password'. This is a ruse.
Security breaches also compromise passwords. It is better to choose passwords that are complex, unique and not obvious. Once you decide on a password like 'erVex411$%,' good luck with remembering it.
Passwords are a compromise between security and convenience. Software-based password manager, which creates and stores complex passwords, can be a valuable tool to improve security. Even password managers require a master password that you must protect.
Passkeys are a great way to avoid all of these problems. They also have an advantage over passwords. Passkeys are specific to a particular website, so scammers can't take a passkey for a dating site to steal your bank account.
How do I start using a passkey?
The first step is to enable the Google Account. Sign into your Google Account on any computer or phone that you trust. Visit the page.
Now, the passkey function is activated on that account.
You'll be asked to first confirm your Apple device.
Keychain App: How to install and use it
If you don't already use it, it stores passwords securely and now also passkeys.
The next step is to create your passkeys. These will be used to connect the trusted device. You're already on your way if you have an Android phone logged in to your Google account. Android phones are ready for passkeys by default, but you must enable them first.
Look for the button 'Create Passkey' on the same Google Account page as described above. By pressing it, you will be taken to a window where you can create a passkey on either your current device or another device. The system will notify you if the passkey is already in use.
You can use the normal camera on iPhones or Android devices to scan a QR code if you are using a PC which cannot create a passkey. It may be necessary to move your phone closer so that the message "Set up passkey" appears on the picture. You can now proceed.
After that, you will only need to enter your email when signing in to Google. You'll receive a message asking for your PIN, fingerprint or face if you have passkeys configured correctly.
Your password is still available. If passkeys become popular, you may not need it as much. You might even decide to delete it someday.