The end of passwords is upon us, and Google is marking the moment on the eve of World Password Day. What a way to celebrate this day!
Managing passwords is a chore. Tools exist to help (like password managers), but it requires organization and it can quickly get lost between devices.
However, a new account security system is spreading on the web: passkeys (access keys). They significantly lighten the burden of passwords. All you need is a device capable of acting as an authenticator to configure a passkey (access keys), then use a biometric method on this device (facial recognition, fingerprint) or a PIN code to authorize connections.
Google switches to passkeys
After Apple or 1Password, and many others, Google announces support for passkeys for Google accounts, on the eve of World Password Day 2023.
Passkeys started making headlines last year when Google, Microsoft and Apple pledged to adopt them. Based on FIDO standards, passkeys manage your login information using public key encryption (also called asymmetric encryption), which generates a public key and a private key. For a passkey, the public key is owned by the website you are connecting to, while you have the private key.
You can store the private key on a device (usually a smartphone), but also synchronize it with an account to access it from other devices. The two keys together allow you to access the service in question. Google started supporting passkey storage in Chrome and Android in October 2022. Now, you can also sign in to your Google account using passkeys.
Why use a pass key (access keys) rather than a password?
When you already have a strong, unique password and two-factor authentication (2FA) set up, why switch to passkeys? Passkeys provide superior protection against data breaches. Google only holds your public key, which cannot be used to determine your private key.
Passkeys are also linked to the service for which they are generated, which prevents fraudulent sites from stealing your credentials. This means that additional two-factor authentication is not required.
How to configure a passkey (access keys) on your Google account?
To enable passkeys on your Google account, follow these steps:
- Meeting on myaccount.google.com from your web browser.
- Click on “Security” in the left column.
- Under the “How you sign in to Google” section, click on “Access keys”. If you don’t see this option, you’ll first need to click “Use your phone to sign in” and link your account to a device such as a phone or tablet.
- Click the blue “Use Access Keys” button.
By following these steps, you will be able to enable passkeys as an additional layer of security for your Google account. Passkeys provide an alternative method of authentication to traditional passwords, making your account more secure.
Want to join a community of enthusiasts? Our Discord welcomes you, it’s a place of mutual aid and passion around tech.