Google wants to kill your passwords on Android and Chrome with passkeys

By Michael Allison October 12, 2022

Google is building out passkey support into Android, though you won’t be able to use it yet without some tinkering. The search giant shared that it would be making the password-killing feature available for testing today for users on Google Play Services Beta or Chrome Canary, with general availability coming later in the year. Aside from Android and Chrome devices, passkeys also became available earlier with Safari on iOS 16 and macOS Ventura.

Passkeys are essentially intended to be a replacement for passwords. Rather than having to maintain an alphanumeric pattern for a particular site, however, they’ll be using the device you most likely have in your hand. By leveraging fingerprint or facial recognition support, or even pins, any operating system that supports passkeys will use your device to create a private key that interfaces with a service’s public key. Both keys combined will be your passkey. You can use passkeys alongside passwords, or in lieu of them. They’ll be stored on your device’s password manager, including Google’s own Password Manager and iCloud’s KeyChain.

Google passkeys on Android — Image used with permission by copyright holder

“Passkeys are a significantly safer replacement for passwords and other phishable authentication factors. They cannot be reused, don’t leak in server breaches, and protect users from phishing attacks. Passkeys are built on industry standards and work across different operating systems and browser ecosystems, and can be used for both websites and apps,” Google explained in a blog post. The company also highlighted its significant ease of use as it co-opts the password flow that already exists on most smartphones.

Right now, passkeys will only really work with web apps on Android. That’s still pretty useful as you’re also able to sign into web apps on your PC if you have a passkey stored on your phone. Later, the company will let you create passkeys with native apps, and we’ll get one step closer to a more secure, passwordless future.

Passkeys aren’t the only security feature Google highlighted this week. The company went into detail about the Pixel 7 and 7 Pro’s new security features, including the Titan M2 chip, Tensor G2, and its new Protected Computing initiative, which these two chips help facilitate.

Editors' Recommendations

Topics

Michael Allison

Mobile News Writer

A UK-based tech journalist for Digital Trends, helping keep track and make sense of the fast-paced world of tech with a…

Mobile

Google is launching a powerful new AI app for your Android phone

Google Gemini app on Android.

Remember Bard, Google’s answer to ChatGPT? Well, it is now officially called Gemini. Also, all those fancy AI features that previously went by the name Duet AI have been folded under the Gemini branding. In case you haven’t been following up all the AI development flood, the name is derived from the multi-modal large language model of the same name.

To go with the renaming efforts, Google has launched a standalone Gemini app on Android. Moreover, the Gemini experience is also being made available to iPhone users within the Google app on iOS. But wait, there’s more.

Mobile

If you have one of these apps on your Android phone, delete it immediately

The app drawer on the Google Pixel 8 Pro.

The NSO Group raised security alarms this week, and once again, it’s the devastatingly powerful Pegasus malware that was deployed in Jordan to spy on journalists and activists. While that’s a high-profile case that entailed Apple filing a lawsuit against NSO Group, there’s a whole world of seemingly innocuous Android apps that are harvesting sensitive data from an average person’s phone.
The security experts at ESET have spotted at least 12 Android apps, most of which are disguised as chat apps, that actually plant a Trojan on the phone and then steal details such as call logs and messages, remotely gain control of the camera, and even extract chat details from end-to-end encrypted platforms such as WhatsApp.
The apps in question are YohooTalk, TikTalk, Privee Talk, MeetMe, Nidus, GlowChat, Let’s Chat, Quick Chat, Rafaqat, Chit Chat, Hello Chat, and Wave Chat. Needless to say, if you have any of these apps installed on your devices, delete them immediately.
Notably, six of these apps were available on the Google Play Store, raising the risk stakes as users flock here, putting their faith in the security protocols put in place by Google. A remote access trojan (RAT) named Vajra Spy is at the center of these app's espionage activities.

A chat app doing serious damage

Mobile

How to use Android Recovery Mode to fix your phone or tablet

Pixel 3 recovery mode

Here's an unfun scenario: You've got one of the best Android phones or tablets, but things aren't working right. Typical virus scans and other troubleshooting fixes aren't working. It is time to use recovery mode. This mode allows you to reboot your system and get a fresh start without any viruses or other issues that were potentially causing you trouble.

Unfortunately, there's no one standard way to get into Recovery Mode. In other words, Samsung Galaxy phones and HTC phones have different pathways into the modes. Luckily for you, however, we have the most complete guide to entering Recovery Mode and you should be able to figure out how to get in on just about any device using the steps below.