Google Chrome now supports passkeys to eventually replace passwords

Google announced that passkeys are now in the latest update to Chrome, a security feature companies are adopting to try to replace passwords.

The company announced in October that it added support for passkeys in Chrome Canary, a version of its browser that it uses for testing new features. Now, the official, stable version of Chrome — M108 — has the security feature.

Mac users can update Chrome by clicking the three-dot menu in the upper-right of the browser window and clicking Help > About Chrome.

Passkeys

Passkeys are an effort from Apple, Google, Microsoft, and the FIDO Alliance to replace passwords. Apple announced support for them at its WWDC event in June.

They are based on the Web Authentication API WebAuthn, a security standard that uses public key cryptography for authentication.

Unlike passwords, passkeys are meant to be simpler and more convenient. They can't be reused or leaked in data breaches, and they help protect users from phishing attacks.

They work across various browsers, websites, and apps. Users can sign into websites and apps with a passkey using biometric authentication such as Face ID or Touch ID.

Chrome can store passkeys along with passwords

Passkeys can be backed up to iCloud and synced across your iPhone, iPad, and Mac devices in an end-to-end encrypted fashion. Users who create a passkey on an Apple device can sign into a website or app on a non-Apple device using a unique QR code, and authenticate with biometrics.

Google says that Chrome will be able to save passkeys in the browser's built-in password manager.

3 Comments

gatorguy 24608 comments · 13 Years

About 1 year ago

I've been using Passkeys on Chrome (maybe desktop only?) for at least a couple of years, and wish all websites that require sign-ins supported it. Maybe the new support mentioned by this article refers to Chrome on Macs? It's definitely not new to my Pixelbook (my smartphone is the authenticator), and I didn't think it was new on Windows either but not certain about that part. In any event no one should be afraid of using it, and it makes things so much easier as well as secure.

chasm 3590 comments · 10 Years

About 1 year ago

One of my big complaints about Windows is that password storage (not passkey, coming to that in a second) was handled by browsers rather than system-wide. It encouraged browser loyalty even though it is possible to export/import passwords stored in one browser to another, but that’s more than most Windows users can handle or want to bother with IME.

I’m *delighted* to see that FINALLY passkeys are being stored in the Windows system itself, meaning that (eventually) all browsers will just use that common store to enable passkeys — the way Apple has been securely storing and syncing passwords for ages. The sooner passkeys become standard across platforms and websites, the sooner a lot of “typical” computer users (ie the vast majority) will finally stop “filing” their most important passwords on random scraps of paper that could be anywhere, finally stop re-using the same password over and over, finally stop making passwords obvious (dead_pet1, dead_pet2, etc), and so forth.

Good on Google for being part of the coalition that supports this better idea. Now if we could just get people to stop using Chrome just because it keeps nagging them to …