Google access keys: the end of passwords to use accounts 

Passkeys are more practical than passwords, but the current situation is not the most favorable to their massive adoption and it will still take time and many efforts on the part of manufacturers and publishers to make them attractive. One of the obstacles that stand in front of users today is the change of device, whether it is a smartphone, a tablet or a PC, since the private key is recorded locally.

Translation of “Pass Key” in French

These sober and fine references will be learciated on the other hand like Perfect Instruments Key pass.

These sober and fine references will be appreciated on the other hand as perfect instruments master key.

The guy could have used the Key pass.
The guy was able to use the pass.

The apartments are reached by security locked elevator access and Key pass, Making It Complely Safe and Comfortable.

Apartments are accessible via secure elevators and a master key, making the establishment completely secure and comfortable.

My siamese, must to some extent, being a Key pass, because judged according to a little different criteria.

My Siamese, must in a way, be a master key, Because judged according to somewhat different criteria.

Did Anyone Else in the Building have a Key pass?
Someone else in the building has a pass ?
Why can’t i register my mobile device despite having enter the Key pass?
Why does my mobile terminal not connect well that I grabbed the password ?
Tea Key pass Entered in the vehicle must be identical to that entered in the mobile device.
THE password Entering the BMW must be identical to that entered on the mobile phone.

For a chronometer presented like Key pass, This reference, Delivered with a cap and a transparent bracelet, is not likely to fall into anonymithy!

For a timepiece presented as master key, This reference, delivered with a cap and a transparent bracelet, is not likely to fall into anonymity !

An apartment Key, for Example, can be kept in the unit, which key is removed through the tubular unit after the cylinder lock with a a Key pass But a master key

An apartment key, for example, can be kept in the unit mentioned and removed through the tubular unit after the cylindrical lock has been opened with a pass or a master key

Bracelet Key pass of 1940, Out of Crimmed Gold of Sapphires and Ruby, Estimated 30,000 francs, was allocated 87000 francs.

A bracelet Master key From 1940, in gold set with sapphires and ruby, estimated 30,000 francs, was sold for 87,000 francs.

Google access keys: the end of passwords to use accounts !

No need for password to connect to a Google account or service ! The digital giant now allows you to use access keys (Passkeys), a more reliable and simpler technology for all its services.

• Access keys: connect safely to your Google account
• Passkey: the solution to replace passwords
• Passkey: how does the password replace ?

A future without password would it be soon ? In any case, this is the path that Google seems to take, which crosses a new step in the deployment of Passkeys – also called access keys. Since May 3, 2023, billions of users of Google services can adopt this authentication method, via biometric sensors, the smartphone locking PIN code or electronic physical authentication keys, and completely abandon their passwords and their verification codes to connect to their accounts, as the firm proudly announces in its press release. To do this, just go to this address, connect to your account with your usual identifiers and then click on “Use access keys”. To add an additional access key, for another device, just click on “+ Create a safety key” – so that will be stored on the device used.

Access keys: connect safely to your Google account

The passkeys of Google accounts are stored on any compatible material – namely iPhone operating under iOS 16 and Android devices operating under Android 9 at least – and can be shared with other devices from the operating system using services like iCloud or certain password managers. To use another person’s device to temporarily access their Google account, you must select the “Use a password from another device” option to create a single connection. Please note, it should not be created a key to a shared device, because its real owner would then be able to access the Google account when he wishes. In the event of theft, loss or infiltration of the device, it is quite possible to revoke the safety keys in the parameters of your account.

Even if it will take a while for the care of passkeys to be largely adopted, this announcement considerably advances their adoption due to the size of Google and the magnitude of the implementation. For the moment, user accounts will continue to support existing connection methods, such as passwords – this is a transition period in a way. The Mountain View firm plans to promote this new technology in the coming months and starting to encourage their users to convert their identifiers into Passkeys.

Access keys: the solution to replace passwords

But why try to create a future without password ? Simply because of their flaws, which are only too well known. Indeed, they are often too weak, reused on several sites and accounts, and can be compromised after a successful phishing. Solutions have been put in place to fill these weaknesses, such as double authentication – which is not infallible – and password managers – which can be hacked -, but the risks still exist, especially on time where hackers are increasingly imagining. It’s been a while since the Fido alliance – a consortium of large technology companies, government agencies, service providers, financial institutions, payment processors and other industries, including Apple, Amazon, Microsoft, Paypal and Google (see our article) – work on technology aimed at eliminating the use of password: Passkeys !

After Apple announced that he wanted to introduce them with iOS 16 and macOS, Google had in turn allowed developers in October 2022 to start implanting this authentication technique on Android, via the beta version of Google Play Services and the Canary version from Google Chrome. For Diego Zavala, Android product manager, and Christiaan Brand, product manager and safety, the deployment of the Passkeys ESOTS A nice advance because they “cannot be reused, do not leak into server flaws and protect users against phishing attacks”, As they explained on the Android Developers blog.

Passkey: how does the password replace ?

By making use of passkeys, the user chooses a device – logically their smartphone – as main authentication system on sites and applications. At the time of registration or modification of the connection means, the smartphone creates two encrypted keys: a public which is sent to the service provider, and a private key which remains stored in the phone and will allow the website or the ‘Application of authenticating it by unlocking the device via its smartphone authentication mechanism – PIN code, model, facial recognition or digital imprint. To simplify, instead of entering a password, simply use the usual unlocking method of your main device. And voila ! The smartphone passkey can also be used to connect to one site via another device – like your laptop. Just scan the QR code that is displayed on the site with its smartphone. Ultimately, the objective is to allow the use of passkeys on different platforms-Windows, MacOS, Chromeos, Android and IOS-so that, for example, a Chrome browser user on Windows can authenticate on a site Using a passkey stored on an iPhone.

Concretely, on a daily basis, the use of Passkeys does not change anything for the user. Indeed, there are already standards allowing to connect to applications or sites using one of its devices – as by confirming via your smartphone that the connection comes from us, or by pressing a particular number which ‘poster on it. However, you must always connect at least once with a password to be able to activate this connection function. And that does not prevent being able to recover access to his account thanks to his identifiers – who can therefore be diverted. But the use of Passkeys also raises some drawbacks, especially when you want to replace your Android smartphone with an iPhone – or vice versa -, or that a flight or breakage of the device occurs. It is then necessary either to copy its passkeys manually to the new phone – which is quite tedious – or to claim new codes of access after all the services, by proving each time its identity. The fact remains that developers can test this simple and secure authentication method on Google Chrome and Google Play Services since November 2022, by creating an application programming interface (API) allowing their use of passkeys on Android applications. In the meantime, it is better to create a secure password.

Passkeys: What is it for, how it works and why they will replace passwords

Passkeys will become the new popular authentication method to access its accounts on websites and applications. More secure and more practical than passwords, they will gradually become the norm to prove its identity on the Internet. Here is what you need to know about them.

• Passkeys, what’s ?
• Passkeys, how it works, what is it for ?
• How are the Passkeys more secure than passwords ?
• Google, Microsoft, Apple. Who wants to replace passwords with the passkeys ?
• What happens when you change the device ?
• When will the passkeys replace passwords ?
• How to configure passkeys on your Google account ?
• Comments

Since the Internet has become more democratic with the general public, our accounts of the various platforms we register are protected by Passwords. We have so far known that this form of defense so far to preserve access to our information and profiles, so that it is difficult today to imagine a world in which they would no longer exist, or at least in a very different way. And yet, passwords are not necessarily the most secure or even the most practical solution to ensure that we alone are able to access our accounts. Large digital companies have been developing alternatives for years to finally put an end to the domination of passwords and improve the user experience. This is how the Passkeys were born, which you should hear a lot about in the months and years to come.

Passkeys, what’s ?

A Passkey is an access key (or identification key) containing encrypted data proving that you are the owner of the account to which you try to connect. Passkeys are based on the principle of asymmetrical encryption, which implies the existence of two encryption keys, a public key (stored on the servers of the platform) and a private key (stored locally on the user’s device), which synchronize between them during an attempt connection.

Passkeys, how it works, what is it for ?

Like when you create a password to create a new account currently, you can choose to opt for a Passkey on services that support this technology. In this case, the platform in question will generate the two keys (public and private), which work together. Only your private key will be recognized by the public key as part of the encryption protocol and will allow connection to the account through the Passkey.

The physical device is not the only protective layer to validate the connection. A identification method Support by the terminal in question, at the choice of the user, allows you to connect. It can be a biometric unlock (facial recognition, fingerprint), a PIN code, a diagram ..

The interest of the Passkeys is to combine:

• The practical aspect: accessing your accounts using the same process as unlocking your device, without the need to remember your passwords or use a manager.
• The safety aspect: a quantified connection which requires both physical access to the device and knowledge of the identification method.

How are the Passkeys more secure than passwords ?

If password managers help make passwords safer, they remain fallible. Despite the implementation of systems based on single -use passwords and double authentication, the observation is clear: the security of the accounts leaves to be desired and the risks of hacking and phishing remain very high. Passkeys are not a perfect solution, but all the same grant more guarantees than traditional passwords.

The first safety layer is the storage of the private key on a device of which the user owns. Of course, this data is in a space protected by encryption technology. In addition, it is never communicated directly to the platforms to which we connect: each attempt at connection, the website or the application will set an enigma to the user terminal, which is the only one to solve it. A token is then generated to validate the transaction and authorize the connection.

The second stratum is the need to identify with biometric information (preferably), or by an authentication element which is not known to platforms (PIN code, Drawing Scheme on a touch screen) for devices not offering No possibility of authentication by facial recognition or fingerprints. Divert Combination between private key and biometrics requests much greater efforts than getting a password, and even deceiving the double authentication.

Phishing no longer works, because it is unlikely that the user reveals his private key to a third party. The majority of users will not even know how to identify their private key. Data leaks are limited, because platforms only have public key, which is useless without the private key associated with it. And as each combination is unique, only one account can be compromised both. Brute force attacks also lose their interest. And if a pirate finally manages to recover the two keys that make up a passkey, the authentication remains to pass.

Google, Microsoft, Apple… who wants to replace passwords with the passkeys ?

The adoption of passkeys is pushed by theFido Alliance (Fast Identity Online), founded in 2013, whose mission is to resolve the lack of interoperability between strong authentication devices and to develop as well as to promote authentication standards contributing to reducing passwords dependence. Fido’s motto is “Simpler, Stronger, Authentication: Solving the World’s Password Problem”, that we can translate by “Simpler and stronger authentication: solving the global problem of passwords”.

Google, Microsoft and Apple are among the most fervent supporters of the password disappearance. They have largely contributed to the creation of their alternative and probable future replacement, and announced their joint desire to strengthen the support of Fido standards, the Passkeys therefore, in order to accelerate the transition to this technology. The three American firms are part of the board of directors of the Fido Alliance, which also includes Samsung, Amazon, Intel, Lenovo, Meta (Facebook) or Qualcomme. Major actors of digital payment such as Paypal, Mastercard, Visa and American Express are also present at the Board. Paradoxically, we also find companies specializing in password management, such as Lastpass, Dashlane and 1Password, which will have to adapt and evolve when the Passkeys standard will supplant the passwords.

For the moment, few platforms (websites or applications) offer their users authentication by Passkey. Besides Google, Microsoft and Apple, Dropbox, Ebay, Facebook, Nvidia, Paypal, Twitter, WordPress or Shopify are pioneers.

What happens when you change the device ?

Passkeys are more practical than passwords, but the current situation is not the most favorable to their massive adoption and it will still take time and many efforts on the part of manufacturers and publishers to make them attractive. One of the obstacles that stand in front of users today is the change of device, whether it is a smartphone, a tablet or a PC, since the private key is recorded locally.

A system of Synchronization of access keys is planned when we remain within the same ecosystem. You can therefore simply transfer your passkeys recorded on your Android smartphone to your new Android mobile through your Google account. If you go from one iPhone to another Android account or vice versa, synchronization becomes much more complicated. Likewise, there is currently no effective native solution for the passkeys generated from your Windows PC is made available from your Android smartphone for example.

For the moment, each transfer of Passkey from one software environment to another requires a manual procedure, particularly forbidden if there are many passkeys to manage. A QR code system to scan with his smartphone was thought of. The mobile device then acts as a gateway, itself validating the connection request for the other device. For security questions, it is however necessary that the Bluetooth of the two terminals be activated, in order to ensure that the PC which makes the request is well physically alongside the owner of the account and that it is not a question an attempt to distance malicious access. Generally, it is possible after this handling to generate a passkey for a frequently used secondary device, in order to avoid having to use its main terminal each time.

In the future, tools will be put in place to allow the rapid and simplified transfer of its identification keys from one ecosystem to another, like the import and export options of the word managers pass. Besides, these seem to be among the most quick to look for solutions to this problem, which would allow them not to lose the interest of users who abandon passwords for Passkeys. But here again, ecosystems must evolve, and that is why Android 14 will support passkeys in third -party password managers.

At Google, the solution that seems to prevail to share its passkeys between its different devices is chrome. The browser is compatible with the access keys from its version 108, is available on all ecosystems and is already provided with its own integrated password manager, which makes it the appropriate and obvious platform to manage its passkeys.

When will the passkeys replace passwords ?

Passwords still have a bright future ahead of them. Users are not ready to switch overnight to the Passkeys and a long period of transition will take place, during which passwords and passkeys will coexist. Web and applications will also have to adapt and go to this technology, which can take time. Fido standards generally require Latest versions of operating systems, automatically eliminating the oldest devices of all compatibility. A renewal of equipment is therefore necessary before seeing the Passkeys definitively take over from passwords. Another problem related to access keys is dependence on large bone and software publishers, which could leave a number of reluctant users on the tile. It is impossible to predict when we are witnessing the death of passwords, but they should survive in the short term.

How to configure passkeys on your Google account ?

Passkeys have officially become a way to connect to Google services since the beginning of May 2023. Here is the procedure to follow to start using them within the ecosystem of the alphabet subsidiary:

• Go to https: // myaccount.Google.com/ and connect to your Google account.
• In the menu on the left of the screen, click on the section Security.
• Scroll to the bottom until reaching the game How to connect to Google. Click on the line Access keys, positioned between the option Two -step validation And Passwords.
• Enter the password of your Google account if you are asked for.
• Click on the blue button Use access keys To activate the functionality.

From now on, Your Android devices will automatically create a passkey For your Google account for your next connection. You can also click on Create an access key below to manually generate a passkey on a device from another ecosystem. Authenticate yourself with your usual identification method (Windows Hello in our case), and voila ! To verify that everything works well, open your browser in private navigation and try to connect to your Google account. Normally, you no longer need to enter your password, just authenticate with your pine, your fingerprint or by facial recognition. Recall that it is essential to configure access keys only on the devices of which you are the owner.

• Share Share ->
• Tweeter
• Share
• Send to a friend