Need to sign in to Google on a new browser or device? Now you don’t have to enter a password at all or use two-factor authentication. All you have to do is place your finger on the fingerprint reader on your smartphone and you will be logged into your account automatically. You can also use facial recognition or the PIN you enter when unlocking your phone. In fact, from now on, you don’t need to remember your Google account passwords at all, because the company has introduced a new authentication feature called Passkeys. It is much more secure than passwords, lets you log in much faster and requires minimal effort on first setup. Sounds interesting? If so, see this short guide on how to activate Keys and start using them.
Author: Tomasz Duda
We all know how it is with passwords. Some enter 12345 or password123, or the name of their dog, and are happy to have the problem off their minds, completely unconcerned that their problems may only begin if someone decides to guess this password. It’s not really a matter of “if” but “when” it will happen. Others are more aware and create unusual strings of characters that are harder to crack, but also not easy to remember. And full respect to those who add two-factor authentication on top, e.g. using a separate application or an SMS code. However, with difficult passwords, the use of a password manager becomes a necessity, because remembering complex strings of characters for many accounts is a chore, and even beyond the capabilities of most of us. Fortunately, Google has decided to make logging into its services much easier.
How can I make it easier to sign in to my Google account? For example, you can opt out of entering a password altogether and turn off two-factor authentication and still maintain a high level of security. You can use the new official feature called Passkeys now.
In Poland, over 80% of users use Android, less than 19% use iOS, and the rest is marginal. No wonder that one of the most important accounts is the Google profile. Your history of locations and navigation routes, photos, videos, contacts, e-mails, important files, passwords, payment methods, bookmarks, contact information and much other private data are synchronized with it. Surely none of you would want someone to get their hands on it, right? It can even be said that most of our lives revolve around a Google account, although some do not even realize it. That is why, first of all, it is worth taking care of the security of logging in to Google, and secondly, it would be nice to simplify and speed up this login so that we do not have to remember and enter the password at all. This is especially useful when someone has several Google profiles or logs in on different computers and browsers. And here we come to the essence of the matter, i.e. the Google Passkeys function, which was translated into Polish as Keys.
Passkeys, i.e. secure login to Google without a password
What is Google Passkeys? In practice, it is an advanced security mechanism, currently built on FIDO standards together with W3C Web Authentication (WebAuthn), that uses a public and a private key. Of course, the private key is saved on the device on which we created it and cannot be shared with anyone. We do not see it and we do not have to remember it, but it is assigned to a given user account. When you try to log in on a new device in a browser or application, a message will appear on the smartphone asking you to approve the login. If that is what the user wants, they simply put a finger on the fingerprint reader, point the camera at their face or enter the PIN, and that’s it: the new login is approved. Of course, the more secure the method of unlocking your smartphone, the better, so using a fingerprint scanner is recommended over entering a PIN or using facial recognition, unless it’s the more secure Face ID technology.
In terms of security, it is important that this method is much more resistant to a variety of attacks, including phishing and brute force. The private key is not transmitted, but checked internally on a given device (e.g. a smartphone), so it cannot be intercepted, and the public key alone is not enough to log in successfully. Google Password Manager encrypts the keys. Although a copy may be on Google’s server, the company cannot read the keys precisely because of the encryption, and thus cannot impersonate the user. In addition, the key itself is complex, so even brute force will not reveal it in a reasonable amount of time. The Chrome browser and the operating system work so that the key can only be used on the website or in the application for which it was created. If the site is genuine, then logging in will be quick and hassle-free. The passkey protocols are designed in such a way that the data shared cannot be used as tracking vectors. Of course, in general, security plays the most important role here, but in real terms, the most important thing for the user on a daily basis is simply that they do not have to remember the password and can log in very quickly without entering anything.
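The checks behind these claims can be seen in a simplified WebAuthn-style sign-in. This is an added example, not code from Google or from the original article: the function names, the relying party `accounts.example` and the look-alike origin are constructed, and real WebAuthn details (COSE key encoding, the signature counter, the browser refusing a mismatched site before the device is even asked) are left out.

```javascript
// Added example (not Google's code): a simulated passkey assertion and its server-side checks.
const nodeCrypto = require('node:crypto');
const sha256 = (data) => nodeCrypto.createHash('sha256').update(data).digest();

// Registration: the device generates the key pair; only publicKey is sent to the server.
function createPasskey(rpId) {
  return { rpId, ...nodeCrypto.generateKeyPairSync('ec', { namedCurve: 'P-256' }) };
}

// Device side: sign authenticator data plus a hash of what the browser saw (challenge, origin).
function signAssertion(passkey, challenge, origin) {
  const clientDataJSON = Buffer.from(JSON.stringify(
    { type: 'webauthn.get', challenge: challenge.toString('base64url'), origin }));
  const flags = Buffer.from([0x05]); // user present (0x01) + user verified (0x04)
  const authData = Buffer.concat([sha256(passkey.rpId), flags, Buffer.alloc(4)]);
  const signed = Buffer.concat([authData, sha256(clientDataJSON)]);
  return { clientDataJSON, authData, signature: nodeCrypto.sign('sha256', signed, passkey.privateKey) };
}

// Server side: every check must pass before the signature is trusted.
function verifyAssertion(a, expected) {
  const client = JSON.parse(a.clientDataJSON.toString('utf8'));
  if (client.type !== 'webauthn.get') return 'wrong type';
  if (client.challenge !== expected.challenge.toString('base64url')) return 'challenge mismatch';
  if (client.origin !== expected.origin) return 'origin mismatch';
  if (!a.authData.subarray(0, 32).equals(sha256(expected.rpId))) return 'rpId mismatch';
  if ((a.authData[32] & 0x04) === 0) return 'user not verified';
  const signed = Buffer.concat([a.authData, sha256(a.clientDataJSON)]);
  return nodeCrypto.verify('sha256', signed, expected.publicKey, a.signature) ? 'ok' : 'bad signature';
}

// Constructed scenario: one genuine sign-in and three that the server must refuse.
function demo() {
  const passkey = createPasskey('accounts.example'); // constructed relying-party ID
  const server = { rpId: passkey.rpId, origin: 'https://accounts.example',
    publicKey: passkey.publicKey, challenge: nodeCrypto.randomBytes(32) };
  const genuine = signAssertion(passkey, server.challenge, server.origin);
  const lookalike = signAssertion(passkey, server.challenge, 'https://accounts.example.login.test');
  const stale = signAssertion(passkey, nodeCrypto.randomBytes(32), server.origin);
  const tampered = { ...lookalike, clientDataJSON: genuine.clientDataJSON };
  return {
    genuine: verifyAssertion(genuine, server),     // 'ok'
    lookalike: verifyAssertion(lookalike, server), // 'origin mismatch'
    stale: verifyAssertion(stale, server),         // 'challenge mismatch'
    tampered: verifyAssertion(tampered, server),   // 'bad signature'
  };
}
console.log(demo());
```

The server holds only the public key and a fresh random challenge, so nothing it stores or receives can be replayed on another site or in a later session.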
How do I enable and use Passkeys?
To start logging into a Google account using Keys, go to the website https://g.co/passkeys and log in to your Google account as usual (of course, at this point you still need a password). Then click the blue Enable Keys button. If you are already actively using an Android smartphone, there is a good chance that Google has already created a key automatically on this device. In other words: this smartphone is the key with which you can log in, for example, on a laptop. Now, when you try to log in to Google again on the given computer and browser, a window will be displayed: Use the key to confirm that it is really you. Click Next. In the Chrome browser, the message Use key will be displayed; here, select the phone on which the key was automatically added (in my case it is Pixel 6a).
A notification called Identity Verification will appear on your phone; tap on it. You may also be asked to allow the Chrome app to find, connect to, and locate your device. This is quite interesting information, because it turns out that the computer and smartphone must be close to each other for a Bluetooth connection to be established. Tap the Allow button on your phone. At this point, you will need to authenticate on your smartphone. Place the appropriate finger on the fingerprint reader, use facial recognition or enter your PIN. In the browser on your computer, you will be informed that this key will only be saved on this device; click Next. It may happen that you will also have to enter the password you use to log on to the computer, or use biometrics if the laptop has an appropriate reader. From now on, you can log in quickly on this computer and browser using Google Passkeys.
It is worth noting that if you log in from the Chrome browser, the key will be added to the Google password manager, and if, for example, you log in from the Safari browser on Apple devices, it will be added to the Keychain. When I wanted to perform a similar procedure in the Safari browser, it looked a bit different. Namely, when you try to log in to your Google account, a QR code will be displayed, which must be scanned with the phone on which you are logged in to your own Google account (I used the default camera application in pure Android 13 on Pixel 6a). The Use key button will appear on the camera screen; tap it. Now you will see a screen on your phone asking: Connect via QR code?. Tap Allow. The browser on your computer will say Create a key on this device; click Next. If you are asked to authenticate, do it (e.g. by touching the fingerprint reader on your laptop). That’s it! Now you can use quick login in another browser. The added devices will appear in the list at g.co/passkeys. Each of them is now a new key. Finally, at the time of writing this guide, Keys only worked for private accounts, but soon they will also be rolled out to Google Workspace.