This is the latest move since Google announced support for a passwordless standard for accounts across platforms. Passkey is a FIDO Alliance-backed solution that provides a more secure way to log in to apps and websites without the need for a traditional password. This can be achieved by simply unlocking a user's computer or mobile device using biometrics (fingerprint or facial recognition) or a PIN.
Google says the next time users sign in to their account, they'll start seeing prompts to create and use a passkey, making future sign-ins easier. It also means they'll see the 'bypass password' option enabled in their Google Account settings.
Passkey is a login mechanism that leverages public key cryptography to authenticate user access to websites and applications, with the private key stored securely on the device and the public key stored on the server.
Using passkey as default method simplifies login authentication
Each passkey is unique and linked to a specific username and service, meaning a user will have at least as many passwords as they have accounts. However, they will have multiple passkeys per account because it only works within the limits of the same platform. This means a user can have a passkey for each website for Android, iOS, macOS, and Windows.
When logging into a website or application that supports passkey, a random code is generated and sent to the user, requiring biometric or PIN verification to be signed and sent back to the server.
The benefit of passkey is that it not only helps reduce the hassle of remembering passwords but also has anti-phishing capabilities, thereby protecting users from common account hijacking attacks today.
Source link
Comment (0)