Almost five months after Google added support for access keys to her Chrome browser, the technical giant began to introduce a non -parallel solution for Google’s accounts in general on all platforms.
Access keys supported by FIDO Alliance are a safer way to enter the applications and websites without using a traditional password. It is replaced by the usual method used to unlock the device, whether it be a local PIN code or biometric data by recognizing the face or fingerprint.
As noted in Google, unlike ordinary passwords, access keys are more resistant to online atams, such as phishing, which makes them even safer to use disposable SMS codes for 2fa.
After creating, access keys are stored locally on the device and not transmitted to third parties. It also eliminates the need to configure two -factor authentication in principle, because it proves that the user already has access to the device and he can unlock it.
Users can also create access keys separately for each device that they use to enter the Google account. At the same time, the access key created on one device will be automatically synchronized with all other devices running the same operating system and using the same Google account.
It is worth noting that the “password manager” from Google, like the “ICLOD” bunch from Apple, use through encryption to ensure the confidentiality of access keys, thereby preventing the account of the account in case of loss of access to the device, as well as simplifying transition from one device to another.
In addition, users can enter the system on a new device or temporarily use another device by selecting the “use key from another device” parameter, which then uses the screen lock and the proximity of the phone to confirm the one -time entrance. In this case, “the device checks that your main phone is located nearby using a small anonymous Bluetooth message, and sets a through encrypted connection between phones via the Internet,” they explained in the company and added that with this method of entering the access key, nor information The screen lock is not sent to a new device.
Although the widespread implementation of access keys can be the “beginning of the end” of the usual password access, the company said that it intends to continue to support existing methods of entering the system, such as passwords and two -factor authentication, at least in the foreseeable future.
Google also recommends users not to create passwords on devices that are used together with other people, because this can significantly undermine safety.