passwordLiving with technology is an annoying and uncertain reality. Nobody likes them, but until now there is no real replacement. If they keep their word, keys could reduce the hassle and risk of authentication with a simple, secure system based on trusted devices. Google is one of the largest key enabled companies. Therefore, now you can try this new technology by signing in to your Google account.
What is a password?
Keys are designed to be more secureEasier to use than a password.rather than typing (or having) a passwordPasswortmanagerdo it) and validate with aMulti-Factor AuthenticationAll that is required for the key is a trusted device and biometric or PIN verification.
Part of the reason keys are likely to replace passwords is that they were developed by a consortium called the FIDO AllianceadvocateApple, Google and Microsoft. All three companies have built cryptographic key support into their browsers and ecosystems, meaning there's a viable alternative to passwords for the first time. That is, the passwordHas not yet gained wide acceptance.
How secure are passwords?
For those struggling to protect their passwords from phishing and brute force guessing, this new technology might seem a bit daunting.
You might be wondering what would happen if someone used your key to steal the device. Because keys can only be created on devices that require authentication to unlock, anyone who finds your device has to go in first to impersonate you. While it's not impossible to bypass a biometric or PIN lock on a device, it's not that easy for a casual criminal.
You may also be worried about what might happen if the website or your device is compromised. because they are neededAsymmetric key cryptography, Adata leakNo information is disclosed that an attacker could use to impersonate you. Even if your key is somehow extracted from your device, it won't work without the device itselfAndYour biometric or PIN authorization.
How useful are passwords?
Even if you have conquered these fears, you have to think about the logistics. How do you sign in on a device without a key? Don't worry, you can use a keyed device to temporarily authorize another keyless device. The connection is made securely via Bluetooth, but keys are not transferred or copied. Instead, the receiving device is only allowed to sign you in once.
Part of the reason keys are likely to replace passwords is that they were developed by a consortium called the FIDO Alliance and are endorsed by Apple, Google, and Microsoft.
Depending on your platform, the key can also be synced between your devices. For example, when I create a key on my iPhone, I get a warning that it has been saved to iCloud Keychain and is also available on my other Apple devices.
Does your device support buttons?
Before you start, you should make sure that the device you want to use to create the key is supported.Google documents(opens in new window)Three important categories are listed. Desktops and laptops require at least Windows 10 (2015) or macOS Ventura (2022). For mobile devices you need at leastAndroid 9(2018) oriOS 16(2022)。
You can also useHardware Security KeyBildYubikey 5Save your password. The advantage is that your keys only exist on the one device you control. However, this also means that if you lose your security key, you will lose all of your keys. It's a good idea to create more keys or back up your security keys on other devices. Websites and services that use keys must provide some sort of fallback option for this situation, which may mean deleting the old password or resetting it if necessary. If you use a security key, it must support FIDO2. Most modern keys support this standard, but older keys may not.
The device you use must also meet some minimum security requirements. The lock must be activated on the laptop, desktop or mobile device. This means you have to use your biometrics or your PIN/password to open your device when it's not in use. they doNOHowever, a security key that supports biometric data is required.
As mentioned above, the key can be used to authorize other devices with Bluetooth connectivity. So if you want to do this, you need a Bluetooth-enabled device.
Finally if you useBrowser- you may be - it will beto returnPassword support is required. Google's documentation states that Chrome 109, Safari 16 or Edge 109 support passwords. It is worth noting that Firefox does not exist, although the developersMozilla says(opens in new window)You are on the roadmap. In our testing, we found that other Chromium-based browsers may also support keys. For example, in the latest version of Opera, we have no problems creating and using passwords.
Note that keys cannot be used if your Google Account is managed by an employer or other organization. However, you can use a key instead of Google's security keyAdvanced protection program.
Start using the key
Google has created a special dashboard to view and manage the keys you've created to log into your Google account. that are allFor your Google account only:Not all keys from other websites and services on your device.
To view it, log into Google normally (hopefully with multi-factor authentication and a password manager). Then click the icon in the top right corner of the screen and then click Manage your Google account. On the next screen, click Security in the left column. In the "How to sign in to Google" section, you will see several options, one of which should be a pass key.
Google lets you manage all the keys you create to access your Google account (Source: Google)
If you have an Android device, you'll see the label "Automatically generated passwords" at the top of the Passwords screen. That's right. If you have connected your Android device to your Google account, that device already has a password that you can use to log in to your Google account. If you see a device there that you don't recognize or haven't used in a while, click the Manage Devices link at the top of the screen (or visitGoogle Device Manager(opens in new window)) to log out.
The section titled "Keys you've created" shows all of your Google Account's keys along with some information about the platform they were created on, when they were last used, and the approximate location from which they were used. Deleting the key here will deauthorize the device on which it was created. This comes in handy when you accidentally create a password on a computer you don't own or when you get rid of a computer.
If you registered your hardware security key as a multifactor device with your Google account, it will appear in the list below. However, this is where it can get a bit tricky. In my testing, I was unable to create a new key or log in with a key that uses a previously registered key. If I unregister the key and then use it to create the key, it works fine.
At the very bottom of the page is the most important part: a button that says "Create Password". This does exactly what it sounds like and allows you to create a passkey for your security key or the device you are using.
How to create a password for Google on Windows
First, make sure your Windows computer is set up to support keys. Most importantly, you enable Windows Hello before your PC can create a key. You can enable this feature in the Windows settings.
Using Microsoft Edge, Chrome, or a compatible Chromium-based browser, navigate to the Google password settings page and click the "Create Password" button at the bottom of the screen. You can also start the process from this short URL:http://g.co/ password.(opens in new window)
You will first be asked to create a key. So just click “Next”. Next, the Windows security pop-up will appear. You can then use whatever Windows Hello method you used to unlock your PC. In my case, I entered my PIN and clicked OK.
Windows Hello must be enabled to create keys on Windows (Source: Google/Microsoft)
Google's key is now saved on your Windows computer. Note that Microsoft does not currently sync keys between devices. You must manually create keys on all other Windows computers. You can authorize your other device by following the steps above, or use another device with a Google passcode and then create a new passcode as described below.
How to create a key for Google on macOS
You can create keys on macOS using Chrome (a supported Chromium-based browser) or Safari. Make sure your computer is using the latest version of macOS and that you have biometric lock or password enabled to protect your computer.
Navigate to the password settings above and click the "Create Password" button. or use the short url from googlehttps://g.co/password(opens in new window).
The first screen when creating a key in Google Chrome for macOS (Source: Google)
You will be prompted to create a key on your Mac. After clicking the "Next" button, confirm the Google account you want to create a password for. Next, authorize key generation using the mechanism you use to unlock your Mac. In my case, I used the MacBook Pro's fingerprint scanner.
macOS generates a prompt for a fingerprint or password (Image credit: Google)
The key is now safely stored on your Mac and a new entry will appear on the Google Keys settings page.
How to create a key for Google on Android
You don't have to do anything to create a key on your Android device. If you are already signed in to your Google account, Google has already generated a key on your device. You can now use it to securely sign in to Google and authorize other devices.
Because this happens automatically, you may have keys on devices that you no longer use or that you no longer own. Be sure to check out Google's password settings page and erase any devices you no longer use.
Recommended by our editors
Google: Keys let you log in much faster than passwords (trust us)
No more passwords: How to set up your Apple password for easy sign-in
Try a password, but keep your password manager
How to create a key for Google on iOS
Using Chrome (or a compatible Chromium-based browser) or Safari browser on iOS, navigate to the Google password settings and tap the "Create Password" button or use a shorthandhttp://g.co/password(opens in new window).You will be prompted to create a key and click Next. Now iOS will take over and remind you that your key will be added to your iCloud keychain and synced across all your devices. Tap the button on the button and then perform the ritual that will unlock your device. I entered a PIN for myself. That's it! Your key has been created and saved.
Note that you can also use your key to sign in to Google in other applications. For example, I create a password in Safari and use it to log into Chrome for iOS.
How to create a key for Google on your security key
You can use a hardware security key like a Yubikey to store your keys (Source: Max Eddy)
Before you begin, make sure your security key supports FIDO2. Older keys don't work. Also, make sure you have registered your security key with Google as a multi-factor authentication device. In my testing, I found that I couldn't create a key using a security key that I had registered for multi-factor authentication. However, I simply unregistered the key and then created a key on it. Oddly, I had to re-register the key separately to use it as a multi-factor authentication device. If you need to perform this trick, I highly recommend using another multi-factor authentication method first, or creating a key on another device to ensure you have a secure and reliable way to log in.
Using a supported browser, navigate to the Google Keys setup page and click the "Create Key" button or use the short URL:http://g.co/password(opens in new window).when prompted to create a passwordNOClick on Continue. Instead, click the "Use another device" link on the left. From the list that appears, select the USB security key.
Clicking "Use another device" gives you multiple options for creating keys in Chrome (Source: Google)
You will then be prompted to insert your security key and tap the touch-sensitive button. If you have already created a PIN for your security key, you must enter it now. Otherwise you will be prompted to set a PIN for the key.
If you never use your security key for passwordless access, you'll need to assign a PIN to it (Source: Google)
You tap the key again and then press “Allow” on the following screen to request permission to access your security key. A window will then appear confirming that the key was successfully created on your security key.
The key remains on this security key (Source: Google)
Remember: the key you just createdonlyLives on your security key, not on the computer you are using.
How to sign in to Google with a password on another device
To sign in to Google on one device using a key stored on another device, you must first create a key using one of the methods above. Also, Bluetooth must be enabled on both devices - the one with your key and the one you want to authorize with. If one of your devices doesn't support Bluetooth, it won't work. The device with your key also needs a working camera.
Note: If you have created a key for your security key, you can simply insert the key into your device and sign in. You can then create new keys on the device you're logging in with, if needed.
When you sign in to Google, the site generates a message that you have a password on another device and offers you the option to sign in. Depending on the device and browser used, this will look different and offer different options. Select the device with your passcode and continue.
If you authorize Google Chrome on an Android device, push notifications will appear on your phone.
If you have the key on your Android device, Chrome can send a push notification asking for authorization (Source: Google)
If you use a different combination of devices, the QR code will appear on the device you want to authorize. Scan the code with a device that already has your passcode, and then use whatever method you used to unlock the device.
Scan the QR code to connect the two devices via Bluetooth (Image credit: Apple/Google)
Next, you can create a new key on the device you just authorized. Make sure you didn't create the key on a shared device or a device that you don't own. If you regret your choice, simply use Google's password settings page to deauthorize your device.
Newly authorized devices can create their own keys (Image credit: Google)
Passwords could be the future
Passwords might seem weird and intimidating, but after doing some research and testing for this article, I was pleasantly surprised at how smooth and fluid the experience was. We're still a long way from getting rid of the hassles of passwords, but passwords are our best bet.
What is two-factor authentication?
Like what are you reading?
Registrationsecurity guardA newsletter with our top privacy and security stories delivered straight to your inbox.
Thanks for signing up!
Your subscription has been confirmed. Keep an eye on your inbox!
Sign up for other newsletters