Passkeys: How to use them for the safety of your accounts

Passkeys: How to use them for the safety of your accounts

ByEthan Collins

What are passkeys or passwords?

In this guide I am going to talk to you thoroughly about the Passkeys Or, as we know them in Spanish, passwords. I explain what exactly, how they work and what role they play in the field of security, especially in user accounts management. In addition, I talk about how to use them on each of your devices.

Let’s start at the beginning. What are the Passkeys? In it 2022Google and Apple announced that they would begin to implement a new system that would simplify the login in internet user accounts. What they launched were the Passkeysor passwords, some digital credentials They are used to validate the user’s identity.

Password managers support passkeys due to their open nature

In order to create one of these credentials, it is first necessary to identify with another alternative method, such as a password and a user. So, if the service in question allows it, it is possible generate a passage key which can be used in the future in replacement of the password. It is also possible that Passkey It is used in a double factor authentication method.

Currently, most operating systems and password managers support Passkeys. Depending on the method used for storage, it is possible to associate them with several devices Thanks to cloud synchronization. For example, if you create a passage key and keep it in the Google Chrome password manager, it will be available on any device where this browser has been installed. In the event that the warehouse is located locally on the device, it can only be used in this. In fact, this is what happens in Windows.

The advantages of using passkeys instead of passwords

Depending on the service, the Passkeys They postulate as a replacement for passwords. In fact, there are platforms that allow Login without even entering the username. Now, this is not the only advantage that users of passage to users provide.

Geeknetic Passkeys: How to use them to stop the safety of your accounts 2
Passkeys can be associated with the mobile pin and, as a consequence, to the user’s biometric data

Here you have a list with its strengths:

  • Fast login. For example, in Canva, if you have created a Passkeyyou will get to log in with a single click. You just have to enter email and the website will be in charge of reading the passage key that you have stored in the password manager.
  • Utility as a double factor system. There are other companies that use the Passkeys as the second step in the verification of identity. This is the case of Google that, after entering the password, allows you to confirm access with the stored passage key. So you don’t need to receive an SMS or respond with a Yeah In an associated device.
  • More phishing resistant. The Passkeys They are associated with the legitimate website of each platform. If you usually log in with this system in a service and, suddenly, this option ceases to be available, you may not be on the real page. In fact, the passage key in this case simply does not work.
  • Open standard. The compatibility of Passkeys It is very high thanks to the fact that it is an open standard. Any company that develops an operating system, a browser or a password manager will be able to support them.
  • Associated with biometric data. Another advantage of passkeys is that they can be associated with biometric data. For example, when used on an iPhone or an Android, the device requests the unlocking of the passage key by means of the Face ID or the Footprint Reader, respectively. In this way, it is possible to log in with biometric data on websites and in apps, further simplifying the process. If we talk about computers, in Macos the fingerprint reader is used, while in Windows it is Windows Hello the person in charge of identifying the user (fingerprint reader or certified facial reader).

Although passing keys have enormous benefits for users, some companies are taking advantage of Lush the user within their respective ecosystems. For example, if they are all saved in Apple’s password app, users They end up depending on their iPhone to log ineven if they use a Windows PC. The same goes for Google’s password manager, which forces you to install Chrome on all devices.

The solution is none other than creating several Passkeys For the same service in different stores. Now, where are the Passkeys? Let’s see.

Where can Passkeys be stored?

To save the Passkeysit is necessary to have a key warehouse. As I have explained above, Google, Apple and Microsoft have introduced the necessary changes to provide their integral compatibility systems and devices for passwords. However, each company has chosen a different type of warehouse for the storage of the Passkeys. This helps us to better understand what places it is possible to save them.

Password manager

Apple was one of the first to support Passkeys. He did it by introducing compatibility in the Icloud keychain. Currently, this password synchronization service has become an independent application, known as Passwords. In addition to passing keys, it is possible to store passwords and OTP codes. All Passkeys What do you think on an iPhone They synchronize with the Mac and the iPad Thanks to Icloud. They also work with extension Icloud passwords configured with Icloud for Windows.

As you can see, Apple opted for Create a password manager that will synchronize the Passkeys Among several devices. Now, this is something that 1Password, Lastpass, Proton Pass and Bitwarden, some of the most popular password managers among users also.

In the browser

Here is the case of Google. Actually, Chrome’s passwords are going to go to Google password managerthat not only is integrated into the browser, but in Android. It is true that this approach is similar to Apple’s, because we are really facing a password manager. However, the Passkeys They are administered from Chrome, so we can say that they are integrated into the Google explorer.

In Android, the situation is the same. In iOSto have access to the passwords created in the Google password manager, it is necessary to install Chrome and activate it in the password self -rate settings. As the iPhone reports, Chrome admits both passwords and passage keys.

In a local warehouse

Another possibility is that passing keys They are used locally. It is what happens in Windows. The main problem is that, if you have several teams, you will need to believe a Passkey In each of them. All browsers admit the login with passwords from remote devices. So, technically, you could have all your Passkeys On an iPhone and, just scanning the QR code provided by the browser, use them to access each service.

In a hardware security key

Geeknetic Passkeys: How to use them to parameter the safety of your accounts 3
You can also save passkeys on a physical device

Hardware security keys are physical devices in which Keys and codes are stored for the login. These can store Passkeys which will be read by the system or the browser, as long as they are physically connected to the equipment.

Creating Passkeys on all devices, step by step

After all the theory, We go to the practical part. I am going to show you how to create a passage key in Chrome, since it is the most used browser. To do so, I will use the Passkeys.io website. It is a test site from which you will be able to generate a passage key and store it on your device or password manager.

Generally, with Chrome the passwords will go to the Google password manager. Once you are on the web that indicated above, presses in Don’s have an account?.

Geeknetic Passkeys: How to use them to stop the safety of your accounts 4

Then, enter your email. You can invent it, because in reality it is only a test website. Then, press in Continue.

Geeknetic Passkeys: How to use them to parameter the safety of your accounts 5

Finally, press in Create Passkey.

Geeknetic Passkeys: How to use them to parameter the safety of your accounts 6

Here the thing gets interesting. Chrome gives you the option of save the Passkey In Google’s password manager, but also associate it with Windows Hello. This last method is the same as Microsoft Edge.

Geeknetic Passkeys: How to use them to parameter the safety of your accounts 7

If you opt for the first option, just press in Following After confirming that the mail is correct.

Geeknetic Passkeys: How to use them to parameter the safety of your accounts 8

When you have finished the process, a message will appear on the test website, you are told that you have created an account. As you can see, it is an account without associated password. To access it, you will have to use the passage keys you have created. By the way, it is possible to create several Passkeys For the same account. In fact, in Passkeys.io allows you to create an additional. You just have to press in Create Passkey.

Geeknetic Passkeys: How to use them to parameter the safety of your accounts 9

I have taken that option to Create an additional passage key associated with Windows Hello. You will have to identify with the fingerprint, with the pin or with facial unlock, if your team has it. It is also possible Use another devicewhich could well be a mobile device or a hardware safety key.

By the way, Google password manager’s passage keys cannot be managed. They are there, but they are not visible. On the contrary, if you create them in Windows, there is a section to eliminate them. It is in Configuration> Accounts> Access Keys.

As for the login, on the same test website you will be able to prove it. Once you have created the passage key, you can use the button Sign in with a passkey.

Geeknetic Passkeys: How to use them to stop the safety of your accounts 10

Chrome will show the following message, from which it is possible to choose the passage key in question.

Geeknetic Passkeys: How to use them to stop the safety of your accounts 11

After authenticating with the fingerprint, access to the account is granted.

Ethan Collins
Ethan Collins

As a dedicated tech enthusiast and writer at IRC Junkie, I explore the latest innovations in software and hardware. With a background in computer science, I thrive on simplifying complex technological concepts for our readers. My goal is to inspire curiosity and understanding in the ever-evolving world of technology.