Security13.10.2022

Goodbye passwords — Google rolling out passkey support to Android and Chrome

Google has started rolling out support for passkeys in its Android mobile operating system and Chrome browser, the company said in a blog post on Wednesday.

Passkeys are a newer type of login credential intended to replace passwords.

They require a user to provide biometric authentication — such as a fingerprint or facial scan — or a PIN via a smartphone or secondary device logged into their password management service.

If app and software developers choose to support the capability with Google’s new WebAuthn API, users will be able to create and use passkeys for Android apps and on websites accessed through Chrome.

The passkeys will be securely stored and synced on Google Password Manager, much like a password would be saved.

Google contends that passkeys are significantly safer than passwords and other “phishable” authentication factors.

“They cannot be reused, don’t leak in server breaches, and protect users from phishing attacks,” Google explained.

Passkeys are backed up and synced through Google’s cloud infrastructure to prevent account lockouts in cases where a device might be lost or stolen.

“Additionally, users can use passkeys stored on their phone to sign in to apps and websites on other nearby devices,” Google added.

How passkeys will work on Android and Chrome

Google said its passkeys followed familiar user experience patterns like the password autofill workflow.

“For end-users, using one is similar to using a saved password today, where they simply confirm with their existing device screen lock such as their fingerprint,” Google said.

The screenshots below show the typical procedure to create and use passkeys on an Android device or Chrome browser.

Google passkey support on Android device

Google passkey support on Chrome

Developers who want to integrate passkey support can enrol in the Google Play Services beta or use Chrome Canary.

Google said both features would be generally available on stable channels later in 2022.

The company said its next major goal for passkeys would be an API for native Android apps.

‘The native API will give apps a unified way to let the user pick either a passkey or a saved password,” Google said.

However, Google said passkeys created through the existing web API would work seamlessly with apps affiliated with the same domain, and vice versa.


Now read: Trump’s Truth Social approved by Google Play Store

Show comments

Latest news

More news

Trending news

Sign up to the MyBroadband newsletter