Android and Chrome take their first steps towards a blissfully password-free future
Signing in to accounts sucks. Password resets, two-factor prompts, hackers breaching databases — who needs the aggravation? This is exactly why we've been so excited over the past few months, after Google shared word that a brave new passwordless future was on its way to Android and Chrome. Thanks to cryptographically signed passkeys stored on your phone, you'll be able to securely and easily access your favorite services — and that all gets started today.
The idea of accessing your accounts without explicitly entering your login credentials may sound like something halfway between bizarre and just an outright bad idea, but when you really think about it and look at what Google is implementing, it's not that far off from how we already deal with saved passwords.
Core to this concept is the idea of a "passkey" — a digital record connecting your personal information with a particular service, securely signed via chain of trust, and stored on a device like your phone. And just like other data you keep safe on your phone, you can access it with convenient biometrics like a fingerprint — which is a heck of a lot easier and more secure than typing in a password.
Android is picking up support for passkeys through the Google Password Manager, which will help keep them synced across your hardware — this is all end-to-end encrypted, so even with Google coordinating distribution of your passkeys, it can't access them and use them to get into your accounts.
By Stephen Schenck
Are you ready for this?
Do you trust it?
A passing fad? Or the wave of the future?