Sat 15 October 2022:
Google has announced the addition of Passkey support to both Android and Chrome for increased security.
Passkeys are a more secure authentication method than passwords and other phishable methods.
“They cannot be reused, do not leak in server breaches, and protect users from phishing attacks,” the company said on Wednesday in a blog post.
“Passkeys are built on industry standards, work across different operating systems and browser ecosystems, and can be used for both websites and apps,” the company explained.
Passkeys adhere to user experience (UX) patterns and expand on the existing password autofill experience.
Passkeys on users’ phones and PCs are stored and synced via the cloud to avoid lockouts in the event of device loss.
The key enables two key capabilities — on Android devices, users can generate and utilise Passkeys that are securely synchronised through the Google Password Manager.
Through the ‘WebAuthn API’, developers can add Passkey support to their websites for end users utilising Chrome, Android, and other supported platforms.
Developers can currently test this using Chrome Canary and signing up for the Google Play Services beta. According to the company, both features will be generally available via stable channels later this year.
Passkeys generated via the web API will be readily accepted by apps associated with the same domain, and vice versa.
Passkeys provide a consistent user experience across multiple systems and browsers, including Windows, macOS, iOS, and ChromeOS, because they are based on industry standards, according to the company.