Understand passkeys in 4 minutes

Are you still using passwords? Passkeys are a new authentication technology that enables creating online accounts and signing in to them simply and securely, using just a fingerprint, face scan, or device PIN.

Learn more about passkeys and make your users’ online experiences easier and more secure!

#ChromeDevelopers
Comments

1:57 If the passkey is stored on the device, what happens if that device is lost or stolen? How would you retrieve your accounts before getting a replacement device (2:54)? This should have been included in the video!

aduad

So with passkeys, it is only your device PIN/password that protects everything. If a criminal steals your device and gets into it, they automatically have access to all the accounts that use passkeys as they have control of your device on which the passkeys are stored. With passwords and 2FA, the criminal steals your device and gets into it but they still can't access anything without cracking your password manager AND the authenticator app that generates the 2FA keys.

macbitz

Passkeys are still confusing. Does the passkey I use in Chrome on my Windows computer work on my Mac? Does the passkey I use on my Mac work on my Windows computer? Do Chrome passkeys propagate on my Google account, my Apple Keychain, 1Password, Lastpass, Bitwarden? Are they shared? If I wipe my hard drive and reinstall the OS, do I have to create new passkeys? Can I back them up to local-storage? When I do a security audit, is the fact that I have half-a-dozen passkeys for one website bad, or is that okay? Did I make them, or did somebody else? If I delete them will I get locked out?

Do you see how this can be confusing for people?

JohnFrazier

Two questions:
1. What happens if a user loses their phone?

2. For a legitimate reason, like aiding someone who was injured, how can you access an account you have permission to use but they aren't in the same room as you?

MichaelChin

I really like the idea of passkeys and changed my password into a very complicated one, expecting that I would only need it as a backup, if ever. But it is annoying that logging in to a Chromebook (not unlocking the screen) still requires a password. And in my opinion this contradicts the whole idea. I mean, I have my smartphone next to me and I can use it to log in to my Google account in a Chrome browser on any Windows system. Why not on a Chromebook, Google's own system?

ingolfmenzel

If I lost my phone or it got stolen? What do I do then?

DanBonachon

If, while travelling, I want to log in (in an internet café) to a site that supports only passkeys and my phone does not have internet, how can it be done? What if a desktop does not have Bluetooth?

michaelstrelnikov

I wanted to give this a try, but aside from the video not actually showing me how to use passkeys, it also does a bad job convincing me it's any more secure than using Bitwarden or another password manager.

TheRythimMan

But for it to be synced with other devices would mean that the private key does get stored on a server, on Google servers, which are still servers.

idcrafter-cgi

As a developer, this sounds very suspicious and kind of inaccurate. It kind of just sounds like automated SSH key generation and exchange, which is inherently single-factor authentication.

And if you lose the private key, you are screwed. The only way I can fathom this kind of working is if keys have to be generated per device. Even then, you need a second way of logging in... such as a password. An existing login session providing key management is still one single factor. Then again, the explanation/example just was not clear enough on exactly what data is exchanged and stored.

JoelPeltonen

So generally speaking, the mobile device is the single point of failure? If an attacker gets access to the user's phone and PIN, then the whole system is compromised, including any and all services where a passkey is used?

yufgyug

So you are using 2FA and removing the password part?

john_smith

Is the key actually generated for the biometric or the Google account?
Because if I create a secret key with my face scan, then lose my device and do another scan, I HIGHLY doubt it will generate the same exact face scan, so how can I now log in?

Mntrmaheffa

Understanding passkeys is really easy and I'm currently using them today. This is the next gen of passwordless features.

AzphrinxOfficial

The narrator's voice volume is hard to listen to; it goes from very soft to loud.

DKH

The audio in this video is poor; I could hardly hear what the narrator was actually saying.

weeoorq

What if a fire destroyed my home and I lost everything? Let's assume I don't have a home anymore, let alone my smartphone. How would I deal with that? At least with password managers as long as I remembered one long passphrase I was good to go even after a disaster, now I guess I should prove my identity sending my ID to Google, that would be a long process and it would even go against my privacy. It looks like you solved a problem by introducing thousands more, very nice

DarkHX

I can't believe how confusing this video is. You present the technical mumbo-jumbo but don't provide a single example.

lugano

As far as I can understand a passkey can be your fingerprint, a pattern, or less safe, your face.

buzsgvt

Understand???? This has so little information it's ridiculous!! And not a single word about how it keeps either half of your passkey private!!

chrisw