Following a beta test that began in autumn, Passkeys are now available as part of Chrome 108 in Windows, Mac and Android. Sites that support Passkey login can now request logins via the physical USB security key, via your fingerprint, or via another nearby iOS for Android device. “Passkeys are a significantly safer replacement for passwords and other phishable authentication factors. They cannot be reused, don’t leak in server breaches, and protect users from phishing attacks,” Google wrote in a Chromium blog post this week. Google also says that users on Android will automatically be able to sync their passkeys stored through Google Password Manager, or third-party password managers that support Passkeys. “A passkey doesn’t leave your mobile device when signing in like this,” Google says of using a nearby mobile device. “Only a securely generated code is exchanged with the site so, unlike a password, there’s nothing that could be leaked.” Google has been working on this technology via the FIDO standard as it seeks to consign weak passwords to the history books. It’ll now depend on how widely the technology is adopted by the various sites and services you’re logging into. The product manager for Chrome, Ali Sarraf adds: “Enabling passkeys to be used in Chrome is a major milestone, but our work is not done. It will take time for this technology to be widely adopted across sites and we are working on enabling passkeys on iOS and Chrome OS. Passwords will continue to be part of our lives as we make this transition, so we’ll remain dedicated to making conventional sign-ins safer and easier through Google Password Manager.”
