Google announced passkey support for Chrome and Android


Google announced the introduction of passkey support to both the Chrome web browser and the Android operating system in a push to reduce reliance on passwords.

Google claims the aim behind the move is user safety, as passkeys are inherently safer than passwords and other authentication factors that threat actors race to phish.

"They cannot be reused, don't leak in server breaches, and protect users from phishing attacks. Passkeys are built on industry standards and work across different operating systems and browser ecosystems, and can be used for both websites and apps," Google said in a blog post.

According to Google, from an end-user standpoint, using a passkey will not feel different from using the saved password feature with fingerprint authentication. The company claims that passkeys would be synced through the cloud to avoid lockouts in case of a lost device.

The announcement means users can create passkeys on Android devices that are securely synced through the Google Password Manager. Meanwhile, developers can build passkey support for end-users using Chrome on their sites.

"Our next milestone in 2022 will be an API for native Android apps. Passkeys created through the web API will work seamlessly with apps affiliated with the same domain, and vice versa," the blog post said.

Google says that creating a passkey will require two steps: confirming the passkey account information and presenting their fingerprint, face, or screen lock when prompted. Meanwhile, signing-in to a website will require scanning an authentication code with a smartphone.