Google has announced Passkeys as a new feature that will allow users to sign in to their Google accounts without using a password. Instead, users can use their phone's biometric sensor, such as a fingerprint or facial recognition, or a PIN or pattern to authenticate themselves.
The feature, called “Use your phone to sign in”, is designed to make signing in easier and more secure, as users don't have to remember and manage passwords. Google says that passwords are often weak, reused, or compromised by phishing attacks, and that using a phone instead of a password can provide a stronger and simpler way to prove one's identity.
Dependency on Google and Android
To use the feature, users need an Android phone with a screen lock and a Google account. Users can enable the feature by going to their Google account security settings and tapping on “Use your phone to sign in”. Users will then be able to sign in to their Google account on any device by entering their email address or phone number and getting a prompt on their phone to confirm it's them.
Google says that the feature is based on a new technology called “passkeys”, which are digital credentials that are tied to a user account and a website or application. Passkeys are stored in the Google Password Manager, which synchronizes them between the user's Android devices that are signed into the same Google account. Passkeys are also standardized, so they can work across different browsers and operating systems.
Google claims that passkeys are safer and easier than passwords, as they can replace a password and a second factor in a single step. Passkeys also provide robust protection against phishing attacks, unlike SMS or app-based one-time passwords. Google says that passkeys are part of its vision to create a “passwordless future” for its users.
Google Passkeys vs. Microsoft´s Hello and Authenticator
Google is not the only tech giant that is working on eliminating passwords. Microsoft has also been developing its own passwordless solutions, such as Windows Hello, Microsoft Authenticator, and FIDO2 security keys. Microsoft says that more than 200 million users have enabled passwordless sign-in for their Microsoft accounts.
Both Google and Microsoft share the same goal of making authentication more convenient and secure for users, but they have different approaches and implementations. Google's passkeys are based on WebAuthn, an open standard for web authentication that is supported by major browsers and platforms. Microsoft's solutions are based on FIDO2, another open standard for passwordless authentication that is compatible with WebAuthn.
One of the main differences between Google's and Microsoft's passwordless solutions is where the credentials are stored. Google stores passkeys in its cloud-based password manager, which means users can access them from any device as long as they have internet connection. Microsoft stores credentials locally on the device, which means users need to have physical access to their device or security key to sign in.
Another difference is how users enroll and use their credentials. Google allows users to create passkeys from their existing sign-in methods, such as passwords or one-time passwords. Microsoft requires users to set up Windows Hello or Microsoft Authenticator first before they can enable passwordless sign-in. Google prompts users to sign in with their phone when they enter their email address or phone number. Microsoft prompts users to sign in with their device or security key when they enter their username.
Both Google and Microsoft offer advantages and disadvantages for their passwordless solutions. Google's passkeys are more convenient and accessible, but they rely on Google's cloud service and may raise privacy concerns for some users. Microsoft's solutions are more secure and private, but they require more setup and may not work on all devices or websites.
Tip of the day: Though many VPN providers have their own apps, you can in many cases connect to a VPN in Windows without any third-party software. This is ideal if you have a self-hosted VPN or if you're using a PC with restricted permissions. In our tutorial, we're showing you how to connect to a VPN in Windows.