Read the text below.
Good news for all the password-haters out there: Google has taken a big step toward making them an afterthought by adding “passkeys” as a more straightforward and secure way to log into its services.
Passkeys offer a safer alternative to passwords and texted confirmation codes. Users won’t ever see them directly; instead, an online service like Gmail will use them to communicate directly with a trusted device such as your phone or computer to log you in.
All you’ll have to do is verify your identity on the device using a PIN unlock code, biometrics such as your fingerprint or a face scan or a more sophisticated physical security dongle.
Google designed its passkeys to work with a variety of devices, so you can use them on iPhones, Macs and Windows computers as well as Google’s own Android phones.
Thanks to clever hackers and human fallibility, passwords are just too easy to steal or defeat. And making them more complex just opens the door to users defeating themselves.
For starters, many people choose passwords they can remember — and easy-to-recall passwords are also easy to hack. For years, analysis of hacked password caches found that the most common password in use was “password123.” A more recent study by the password manager NordPass found that it’s now just “password.” This isn’t fooling anyone.
Passwords are also frequently compromised in security breaches. Stronger passwords are more secure, but only if you choose ones that are unique, complex and non-obvious. And once you’ve settled on “erVex411$%” as your password, good luck remembering it.
In short, passwords put security and ease of use directly at odds. Software-based password managers, which can create and store complex passwords for you, are valuable tools that can improve security. But even password managers have a master password you need to protect, and that plunges you back into the swamp.
In addition to sidestepping all those problems, passkeys have one additional advantage over passwords. They’re specific to particular websites, so scammer sites can’t steal a passkey from a dating site and use it to raid your bank account.
This article was provided by The Associated Press.