We constantly use passwords to log in to social networks, use devices, make payments… We can say that they are the main security barrier that prevents intruders from having access to our information. However, the way we use them has changed. In fact, Google wants to implement passwordless logins in Android and in the Chrome browser as well. Is this a good idea? Can they really put an end to passwords?
Google wants to end passwords
It’s something we’ve been looking at for a while. More and more services are using alternative methods to passwords to log in. A clear example is the applications that allow us to enter simply by putting the fingerprint on the screen.
What Google is looking for with this is to simplify logins in applications and devices. They want to allow web pages and programs to offer the possibility to log in without having to put a password, something that they indicate will help improve security and also make everything easier.
But how is this going to work? Google, together with Microsoft and Apple, have been planning and working on a common standard for some time so that the device can store a credential called FIDO , which acts as an access key. Basically, once you unlock the phone, you can log in quickly and securely.
It is based on public key cryptography and only works when the phone is unlocked, as reported by Google. We can say that it acts in a similar way to putting the fingerprint or facial recognition, something that we can already do numerous times at the end of the day to open programs or unlock the computer.
positive for security
We will have to wait to see how they finally manage to implement this option, compatibility with applications and if users are really going to want to use it or prefer to continue with the traditional method. What is clear is that we have more and more access codes and that makes us look for alternatives, such as using password managers, fingerprints, etc.
If we think about security , the truth is that ending passwords as Android wants is something very interesting. A clear example is that users are not going to fall into the trap of Phishing, which basically consists of entering the password when logging in through a false link. In this case, authentication is performed on the device itself, through FIDO credentials.
From Google they even ensure that it is safer than logging in through 2FA methods , which are the multifactor codes that we can receive by SMS or through an application. They indicate that it is a really reliable way to log in and that it will prevent many cyber attacks.
In short, Google goes one step further and wants to make Android users able to log in without having to enter a password within a year. It’s a good idea? We will have to wait to see how they implement it, compatibility with applications and possible problems that may arise so that users can really use it with ease.