Google Chrome now with passkey technology support. Even Google Chrome – like Safari – now supports “passkey“, the technology desired by Apple, Google and Microsoft which should lead to a password-free future: in other words, a mechanism to authenticate on various sites and services without the aid of a password but exploit biometric identification mechanisms (e.g. Face ID on iPhone or Touch ID on iPhone and Mac).
On the latest versions of iOS and Android, users who visit sites that support this authentication mechanism can use biometric systems of devices considered safe to confirm their identity.
Developed based on industry standards for account authentication, passkeys are easier to use than passwords and far more secure. From a technical point of view, they are cryptographic entities that are not visible to users and are used instead of passwords. A passkey consists of a pair of keys, greatly improving security over that offered by a password. A key is public, registered on the website or app we are using; the other is private and is present only on your device. Thanks to cryptographic techniques based on particular industry standards, the key pair allows you to establish a solid and private relationship between the devices and the websites and apps used.
Another advantage of passkeys is that the key is private (never “leaves” the device), preventing data leaks from websites or apps: highly effective protection that can never be guessed by a cybercriminal.
Ali Sarraf, browser product manager at Big G, explains: “Passwords are typically the first line of defense in our digital lives. However, they risk being subject to phishing attacks and data leaks as a result of breaches. Google has long recognized these issues, which is why we’ve built defenses like two-step verification and Google Password Manager.”
And again: “”To address these security threats in the simplest and most effective way, we need to move to passwordless authentication. This is where passkeys come in, a significantly more secure replacement for passwords and other phishing-prone authentication factors. They can’t be reused, don’t leak in the event of a server breach, and protect users from phishing attacks. Passkeys are based on industry standards, can work on different operating systems and browsers, and can be used with both websites and apps.”
You can authenticate on sites and apps that support passkeys, the same way you authenticate when unlocking a device (looking at the Touch ID). Passkeys are supported in the latest versions of Chrome for Windows 11, macOS, and Android. On desktop machines it is possible to leverage asskeys from nearby smartphones/tablets (an Android or iOS device). “A passkey does not leave your mobile device when you log in this way”, explains Sarraf “Only a securely generated code is exchanged with the site and therefore, unlike a password, there is nothing that can be stolen ”.