Home Tech Google Encourages Passkey Rollout For Apps During Cybersecurity Awareness Month
Cybersecurity Awareness Month

Google Encourages Passkey Rollout For Apps During Cybersecurity Awareness Month

by Martha Simmonds

If you didn’t know, October is considered Cybersecurity Awareness Month across both the USA and Europe. To celebrate, Google has started encouraging its users to adopt one of its newest emerging technologies – the passkey. Hailed by some as the password killer, here’s an explanation of what passkeys are and how they compare to your many passwords.

Passwords & RNG

To understand passkeys, you’ll need to know a little more about how passwords work. If you’ve spent even a short amount of time online, you have multiple passwords that protect the accounts of different services. To solve this, some savvy web users get a password manager to generate those passwords via random number generation (RNG). That way, the user just needs to remember one password – the one for the manager itself.

RNG is also used to crack passwords, which is why the ability to generate random passwords is constantly improving. Randomness is a wide concept that influences many industries, from cybersecurity to entertainment. In iGaming, for example, digital roulette wheels employ RNG to keep the game fair, trustworthy, and unpredictable. The industry uses RNG to mimic the randomness created by physics in the real world. But for some people, this isn’t the same, and they prefer to enjoy exciting online roulette games through livestreaming, involving a real dealer hosting game. This widespread push for innovative use of randomness encourages password management companies to constantly search for ways to improve on the cybersecurity front.

Till now, password managers have been our strongest tool against user error. When juggling many passwords, users may use the same word or create a recognizable pattern that could be exploited. By now, you’ve likely heard all the traditional tips on creating a strong password. In fact, many websites have them hard-coded into their password creators, refusing codes that don’t have uppercase and lowercase letters, a number, and sometimes a symbol. Passkeys are a solution that seeks to remove the stress of creating and remembering passwords, along with the data storage responsibilities that are placed on businesses.

What Is A Passkey?

The aim of a password is verification, to prove you are who you say when accessing your account. A passkey takes this further by acting as a digital credential that is created between the account and your device. To that end, it has no username or password that you need to remember – it’s all managed by a digital handshake between your device and your account.

Google likens this to saved passwords on your browser, though there are meaningful differences in how passkeys work. Cybersecurity advocates advise that you don’t save your passwords in your browsers. This is because someone using the device can access your browser account and all of the accounts that have interacted with it, especially if you’ve used the same passwords for each.

Passkeys are inherently different; they use public key cryptography. When a user creates a passkey, that passkey is unique to the app or site it’s created for. A pair of public and private keys are made for the user’s device. The public key gets sent to the site, where it’s useless in the hands of anyone but you. When you interact with the account, the private key attached to your OS/browser will interact with the public key and give you access. The only verification is to show you are using the device, requiring a PIN, pattern or biometric signature.

Google and other tech leaders are making passkeys comply with the FIDO Alliance standard. FIDO is Fast ID Online, where the aim is the eventual phasing out of passwords for faster and more convenient account access.

Google allowed users to create passkeys back in May of 2023, though now they’re stepping up passkey advocacy alongside organizations like LastPass. Other adherents include Apple and Microsoft, showing that the passkey is likely to become a password contender in the next decade.

You may also like