In October, Google rolled out Passkey support to Chrome Canary – the beta version of Chrome that allows advanced users to experiment with new features. Now the company has announced that the latest stable version of Chrome (v108) is also getting it. Google’s latest blog reads, “With the latest version of Chrome, we’re enabling access keys on Windows 11, macOS, and Android.” Meanwhile, on a desktop, you can choose to use a passkey from your nearby mobile device, which can be either iOS or Android.
Once the passkey update has reached your device, Chrome will ask if you want to use a passkey to sign in to a supported site or stick with passwords. The first requires screen lock verification – fingerprint or face unlock.
Passkeys are the next step in the evolution of secure logins. While a strong password is the first line of defense against data breaches, they run the risk of being stolen by your end or the server. Passkeys eliminate such vulnerabilities. Instead of having two copies of the same password (one on the user and one on the server), the user’s device is assigned a unique password called the private key.
Then there is a second key, the public key at the server. The two work together to authenticate a user to supported sites and apps.
In the event that a server breach does occur, the hacker will not have your private key. And on the user’s side, passkeys cannot be phished, as this requires the user’s phone to be physically present.
But perhaps the biggest advantage that passkeys offer is the fact that there is no memory involved. Remembering passwords can be difficult if you have a unique password for each website/app (as you should). Password managers can help with that, but as this year itself has been proven several times, they are not infallible.