Security

Google Announces Password Replacement for Android Users

PIxabay

Had enough of pesky passwords Google requires you to remember and introduce over and over again to log into your accounts? Well, life might be getting easier for Android users, at least as far as Google passwords are concerned. 

As of today, Google has rolled out a new system which will allow you to log into some of the Chrome services on Android just by using your fingerprint. The feature will allow any users with phones that run Android 7 (or later) to log in via whatever other method they might use to unlock their phone, which include pattern unlock or pins. 

A lot of people use the same password or slightly modified versions of it across multiple websites, something that comes with obvious vulnerabilities. However, by using this sort of method, the user’s credentials will only be stored on their device, which means that all those details will not be as easily intercepted. 

So, if you have an Android device compatible with the new feature, you can head over to passwords.google.com via the Chrome app. Tap on any of the passwords Google will show you and the software will ask to “verify that it’s you”. At this point, you will authenticate yourself by using your fingerprint or any other preferred method you have chosen to unlock your phone with and you’re set. 

So, how secure is it, actually? 

It’s based on the FIDO2 standards, W3C WebAuthn and FIDO CTAP, so pretty secure, if you think about it. Your unlock system, whatever it might be, authenticates you on-device and communicates with the Google servers letting them know it’s truly you. That means Google does not have access to your fingerprint, password or other unlock information. 

If you use a Pixel phone, the feature should be readily available for you to use. Other Android users might still have to wait for a few more days but the best way to know if you can do this yet or not is to simply go ahead and try it. 

Google has released more information about it over at the company’s security blog

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

To Top