I think of myself as tech savvy but for some reason i either missed the memo on Passkeys, or just misunderstand how the thing works. Im reasonably sure my parents/granparents will start asking me about this stuff soon (as google / other websites push it on them), and id really like to understand it myself first so i can explain it to them as well.
Right now, to login to website/account/etc i just need to know my login (i.e. my email address, or my username) and my password. For example, “FakeDogLover”+”CatsRule123”. How is Passkey different?
In: 1799
So with passwords, your password is your “key” to your account.
Imagine that you are not typing in a password, but having your phone physically with you is the key to your account. What that means in the login process? Let’s say you want to sign into gmail. You type in your email address, press next, then your browser, for example Chrome will present you a QR code. You scan this with your phone, use biometric authentication on your phone, and boom, you’re in. You don’t have to type in anything else. That’s how your phone is your key.
On the technical side, your phone and the computer you are using has to be close to each other, because this works through Bluetooth and / or Wi-Fi. So you can’t sign in through a picture. The passkey itself will be presented by your phone to the computer digitally on the network. That passkey is cryptographic and generated, and a pretty long random character line. Instead of you having to type in this very long unlegible string, your phone “sends it to the computer” virtually.
Safer, because longer and more random than a password, and, in its own way, works only when you are around.
Latest Answers