Goodbye passwords! Google just made a huge security change – Will it stick?
Passwords might be one of the biggest tech frustrations. Make them too hard, and they’re impossible to remember. Too easy, and your accounts are practically wide open.
Maybe you use a password manager or your browser’s built-in option to remember your logins. Here’s how to find saved passwords in your browser.
Those solutions aren’t perfect, of course. Password managers get hacked, and anyone with the know-how can access your saved browser options. No wonder tech companies are working to welcome us to a future sans passwords.
It starts with the FIDO Alliance
That stands for Fast IDentity Online. Big tech companies launched the industry association in 2013 to build a better system than passwords we have to keep track of and type in. Now we’re seeing more start to roll it out, and Google’s beta testing worked so well that the company just made it the standard way to protect your account.
Before we get to how to use passkeys, let’s do a deep dive into how they work.
What is a passkey, and how does it work?
A passkey is a personalized FIDO credential (like your fingerprint or face scan) that lives securely on your device. You use that instead of a username and password to unlock your accounts.
Another bonus: No more sticky notes with passwords on your monitor. Passkeys also eliminate the daily “Which password did I use here?” dilemma. Naturally, it’ll be faster and easier to log in.
But is it safe to use? Glad you’re asking. The unique structure of passkeys makes them near-impenetrable, unlike passwords — which are notoriously easy to crack. Since they’re stored on your local device, passkeys can’t be hacked or guessed like passwords.
And there’s no concern of a hacker getting their hands on one of your passwords and opening the keys to the castle since each device has its unique passkey. That’s a far cry from passwords, and studies show most people rely on only a handful of passwords for all their accounts.
Want to try it out?
If you’re sick of typing in credentials all day, you can set up passkeys with your Google account.
Note: Passkeys are automatically created for Google devices, but you must set them up for any other gadgets you use to access your account(s). You need to do this individually on each device you want to give access to. Remember, a passkey lives on that device, so it’s not just an account-wide setting.
- Go to g.co/passkeys.
- Tap Get passkeys and sign in.
- Select Use passkeys, then follow the onscreen prompts.
You’ll be prompted to log in without your password in certain situations. My advice: Use biometric authentication (your fingerprint or face) anywhere you can. It’s much more secure than a PIN.
Fear not, Apple folks
You can use passkeys with your iPhone, too. These work through the iCloud Keychain. Make sure you have that turned on and 2FA enabled to use passkeys. Note: To use passkeys, iOS 16, iPadOS 16, macOS 13, or tvOS 16 (or later) is required.
Depending on the website, browser or app you’re using, saving a passkey to your iPhone and iCloud Keychain usually consists of these steps:
- On your iPhone, go to the sign-in screen for a supported website or app and do one of the following:
- If setting up a new account: Tap the button or link for setting up new accounts, then follow the onscreen instructions.
- If you already have an existing account: Sign in with your account name and password, then go to the account settings or management screen.
- When you see the option to save a passkey for the account, tap Continue. Your passkey is saved.
Note: If you don’t see a passkey option, the app or website doesn’t currently support passkeys.
To sign in to an account on your iPhone with a passkey:
- On your iPhone, go to the website or app and tap the account name field on the sign-in screen.
- Tap the suggested account name that appears at the bottom of the screen or near the top of the keyboard. If the account name doesn’t appear, or you want to use a different one, enter it.
- Use Face ID or Touch ID to complete sign-in. If you didn’t set up Face ID or Touch ID on your iPhone, enter your device passcode (the code you use to unlock your iPhone).
The passkey you saved completes the sign-in automatically.
When using a device not associated with your Apple ID, you can still sign in to an account using the passkey stored on your iPhone. Here’s how:
- On the other device, go to the website or app and enter your user name in the account name field on the sign-in screen.
- Select Other options, Passkey from nearby device, or similar, then follow the onscreen instructions to display a QR code on the screen.
- Use your iPhone camera to scan the QR code.
The passkey that’s saved to iCloud Keychain completes the sign-in automatically.
Now, onward, with your safe new logins.
Tags: accounts, Apple, Apple iCloud Keychain, Apple iPhone, biometric authentication, browser, Credentials, devices, Google, Kim, Passkeys, password managers, passwords, podcasts, security, settings, tech, Typing