Google wants you to ditch passwords as it turns passkeys into the new standard

The end of passwords might be arriving sooner than we thought. Google has officially made passkeys the default sign-in method for all personal accounts on its network.

Passkeys, if you don’t remember, are slated to be the “next evolution for online security.” Instead of a lengthy password, this tech typically uses a four-digit PIN or “biometric credentials” for easy logins. They are also said to reduce the likelihood of having your credentials phished by bad actors or targeted by some form of account takeover attack. To encourage adoption, Google will begin sending out prompts to users informing them of the recent change and where they can go about creating a passkey.

Easy setup

Fortunately, generating a passkey is quite simple (in fact, we have a guide detailing the whole process). In short, you’ll need to head over to the company’s official passkeys website, then create a PIN or connect your biometrics to your account. You can use either fingerprints or your own face assuming your device supports facial recognition. After that, you connect your smartphone and you’re done.

There are some restrictions you should be aware of. PCs must be running at least Windows 10, while for Macs, it needs to be macOS Ventura. Smartphones must have either Android 9 or iOS 16. Additionally, this tech only works on a handful of browsers: Microsoft Edge, Safari, and Google Chrome. Of course, they need to be running their latest versions.

If you’re not interested in passkeys, you do have the option to opt-out. Head on over to the Sign-in options page, locate “Skip Password When Possible”, then toggle off the switch.

Upcoming changes

We reached out to Google asking why the company felt it was time to make passkeys the default so soon after it hit the scene. Support for the security feature came out back in May of this year. Well, as it turns out, they seem to be fairly popular with the user base. 

Kimberly Samra, security communications manager at Google, told us 64 percent of surveyed people found the feature “easier to use than traditional login methods.” What’s more the company found that logging in with a passkey is “40 percent faster than” a regular password, according to internal analytics.

The passkey saga isn’t stopping here as Google states it is working with select “partners” across multiple industries to make the new login system usable across Chrome and Android. It’s already present on Uber as well as eBay with plans to expand it to WhatsApp soon. From there, the tech giant will continue encouraging other platforms to pivot towards passkey to eventually make passwords totally obsolete.

If you’re looking for ways to further bolster your online security, we recommend checking out TechRadar’s list of the best antivirus software for 2023

You might also like

TechRadar – All the latest technology news

Read More

Windows 11’s new passkey feature lets you talk to the hand (or face) and kiss those annoying passwords goodbye

Windows 11 is now introducing a new feature to the OS, which allows users to replace passwords with passkeys instead.

A recent Windows 11 Insider Preview Build (23486) lets you “use Windows Hello natively to create and sign in to supported applications and websites using passkeys, where you’ll be asked to prove your identity using a PIN, fingerprint, or face scan,” according to The Verge

Basically, this means that if you choose to log in using any of those three methods instead of using a password, two cryptographic keys are created instead. One is stored in your device and the other is stored in your choice of cloud storage service, which combine and grant you access to your device. These keys aren’t known to anyone, including yourself. You would simply use the login method of your choice and it does the rest.

Passkeys could truly be the future 

Though making a sound password with a combination of letters, numbers, and symbols is usually an excellent way to safeguard accounts, in recent years identity thieves have gotten much better at cracking passwords. Not to mention that many people don’t apply best practices when it comes to creating passwords.

The concept of passkeys is a great one. Using either a PIN or biometric login method, you have two passkeys created, letting you access your device safely and without having to memorize a complicated string of characters or risk having them discovered by a bad actor. 

What’s also great about them is that you have a nice variety of choices involved in your login method. Some people feel more comfortable using biometric authentication, while others like myself prefer the classic method of using a PIN instead. Regardless, the passkey functions the same way, circumventing a password in the process.

Microsoft Edge, Apple, and Google Chrome have either already supported passkeys or will later in 2023, but this Windows Hello rollout means that people can manage logins on the OS level. However, according to Bleeping Computing, there are still plenty of kinks to work out with this system right now. But hopefully, as tech giants become more accustomed to working with Windows Hello, it will eventually become a seamless feature.

TechRadar – All the latest technology news

Read More

Chrome is making it easier to remember passwords and sensitive information

Google is developing a feature within the Chrome password manager that not only allows you to manually save passwords, but also add any useful notes that you would otherwise need to save elsewhere.

This was discovered by Reddit user u/Leopeva64-2 who notes that the feature is currently live within Chrome Canary version 101, the version of the Chrome browser used for beta testing new features before they get released onto the public build.

Manually adding passwords will give you better control over the saved information currently stored in the Google Chrome password manager, preventing you from having to visit every website and load your details in to be saved. This should also make it easier to clean up errors and situations where multiple passwords are saved with no other sign-in information, such as a username or email address.

The Google Chrome password manager with a beta 'add notes' feature

(Image credit: u/Leopeva-2)

It's unlikely you would need to save any password hints in the notes space, as you can simply unhide your password by selecting the eye icon next to it. But this could be useful for saving the answers to security questions, or even the date you signed up and last used the service, if you like to keep your open accounts to a minimum.

Concern was also raised on the same Reddit thread regarding encryption, though it's likely that anything saved within the notes field will be protected along with the actual passwords themselves.

Given most other password management services also encrypt all the information saved alongside the actual passwords, it would be unusual for Google to overlook this, but we won't know for sure until the feature is released to the general public.

As Neowin mentions in its own report, this is a feature that could also roll out to the Microsoft Edge web browser, given it's also based on Chromium. But it's early days for that, and we can't find anything similar to this feature currently being tested within the Microsoft Edge Insider channels.

It has a niche use, but its implementation could allow you to save small nuggets of useful information that are specific to each website you visit, such as payment information or the expiry date on your cards. Given this feature is currently being trialed, there's a chance it might never make it into the public version of the Chrome browser, which would be a real shame.

Analysis: What's the risk?

Any discussion about saving your passwords or private information online is going to cause some concern, but Chrome already has a lot of features that could put your mind at ease. For one, the Chrome password manager can prompt you if a password is weak or appeared in a data breach online.

To check your passwords, users just need to click on the key icon that appears under your profile. or you can manually type 'chrome://settings/passwords' in your address bar. This will also tell you if any of your passwords need to be updated because they've been compromised, though you'll still need to visit every site that the password/email address combination was used on to change them.

If anything, this outlines the importance of having individual passwords for every account you open – and with all of the websites and applications available to us, that can be daunting without a password manager. 

Still, if you're worried about saving any private information to your browser, you'll either need to use a more dedicated service such as LastPass, or simply do things the old-fashioned way and either memorize or jot down your information on paper.

TechRadar – All the latest technology news

Read More