Google's Passkeys to Replace Passwords

Reading audio



11 May 2023

There is good news for people who hate passwords. Google has added a different way to log in to its services. This new feature employs the use of "passkeys."

What are passkeys?

Passkeys represent a safer alternative to passwords and texted confirmation codes. Users will not ever see the passkeys directly. Instead, an online service like Gmail will use them to communicate directly with a trusted device such as your phone or computer to log you in.

All a person has to do is confirm their identity on the device. This confirmation, also known as verification, can take several forms. It could be a PIN unlock code, a fingerprint or face scan, or a physical security dongle.

Google designed its passkeys to work with different kinds of devices. You can use them on iPhones, Mac and Windows computers as well as Google's own Android phones.

Why are passkeys needed?

Thanks to smart hackers and human weakness, passwords are just too easy to steal or defeat. And making them more complex just opens the door to users defeating themselves.

In short, passwords put security and ease of use directly at odds. In addition to getting around these problems, passkeys have one additional strength over passwords. Passkeys are specific to websites, so hackers cannot steal a passkey from one website and then use it to steal from a person's bank account.

How do I start?

The first step to using passkeys is to enable them for your Google account. On any trusted phone or computer, open the browser and sign in to your Google account. Then visit the page g.co/passkeys and select the choice to "start using passkeys." The passkey feature is now activated for that account.

If you are on an Apple device, you will first be asked to set up the Keychain app if you are not already using it. It securely stores passwords and now passkeys as well.

The next step is to create the actual passkeys that will connect your trusted device. If you are using an Android phone that is already logged into your Google account, you are most of the way there. Android phones are ready to use passkeys, though you still have to enable the function first.

On the same Google account page noted above, look for the "Create a passkey" button. Pressing it will open a window and let you create a passkey either on your current device or on another device. There is no wrong choice; the system will simply notify you if that passkey already exists.

If you are on a PC that cannot create a passkey, it will open a QR code that you can scan with the cameras on iPhones and Android devices. You may have to move the phone closer until the message "Set up passkey" appears. Tap that and you are on your way.

Then what?

From that point on, signing into Google will only require you to enter your email address. If you have gotten passkeys set up correctly, you will simply get a message on your phone or other device asking you for your fingerprint, your face or a PIN.

Of course, your password is still there. But if passkeys take off, the odds are good you will not be needing it very much. You may even choose to delete it from your account someday.

I'm John Russell.

David Hamilton reported on this story for the Associated Press. John Russell adapted it for VOA Learning English.

___________________________________________________________________

Words in This Story

password – n. a series of numbers, letters, or symbols that allows you to use a computer system

alternative -- n. a choice or option

code -- n. a set of letters, numbers, or symbols that identifies or gives information about something

dongle – n. a small device that plugs into a computer and serves as a security measure

specific – adj. relating to a particular website, person, situation, etc.

app -- n. a computer program that performs a special function

function – n. the special purpose or activity for which a thing exists or is used

QR code – n. a code consisting of black and white squares, typically used for storing URLs or other information