The mobile operating system and browser have set up support for the FIDO Alliance.
Passwordless logins have been a goal for many tech companies for some time now, due to a spectrum of drawbacks to this security strategy.
Google, Microsoft and Apple have collaborated on unified standards for authentication.
Leading tech giants Google, Microsoft and Apple have come together to establish unified authentication key standards to allow device users to use their devices for unlocking apps and websites across Android, Windows, iOS and macOS, among a spectrum of browsers.
Google is now carrying this support for passwordless logins over to its Android mobile operating system and its Chrome browser as of last week. This means that devices running on Android can now log users into Windows or macOS services without having to use a password.
Passwordless logins allow users to be able to leave a spectrum of flaws behind in their digital activities.
The number of flaws and drawbacks associated with using passwords has been growing and worsening with each passing year. Users are having an increasingly difficult time coming up with fresh passwords that are strong enough to keep their accounts secure and have an even harder time remembering them once they’re created.
Servers have varying security qualities, meaning that some passwords are stored in places routinely breached by hackers. Even password managers – which are indeed a solid method of ensuring that quality passwords are created and stored – aren’t fully immune to a data breach.
In May, Google, Microsoft and Apple agreed to work together with the FIDO Alliance to overcome this substantial challenge and create better login methods that would allow users to put the flaws of password use behind them. The result are these passkeys.
Once a passkey is generated, a user can unlock a smartphone, tablet or other device using biometrics and then use that device to unlock apps and websites that are compatible. Passkeys aren’t stored on servers, meaning that they can’t be broken into or leaked from storage. Instead, they’re exclusively on the device of the user and synced across various devices through the cloud. The use of local authentication with passwordless logins also greatly reduces phishing risks.
