Google adds passwordless login with passkeys to Google Accounts – Computer – News

There are always some characteristics that are subjective advantages. Suppose you think it is important that the device is not vulnerable to online attacks, a physical key is best. Say you think it’s important to actually use a port and not wireless, a physical switch without NFC is best. If you also want to use it when your phone’s battery is dead, the physical key is again better. Then the question is whether you think those advantages outweigh having an extra key with you and possibly having to remember a passphrase (unless there is biometrics support, in other words: Without a password for your physical key).

However, if you are okay with all of that, these are not benefits.

Furthermore, the question remains what exactly do you want to achieve with this security. Do you just want a second verification step that is always changing (depending on time)? Want to biometrically confirm that you’re physically with the device? Want to check offline if online malware is a threat? Let’s say you think everything is fine and you want to use Authy to be able to use 2FA codes on your computer as well. Do you still think it is necessary to use a separate app?

Example: You can just use the 1Password app for TOTP 2FA. Why download a crappy Google Authenticator or alternative when your password manager can also auto-fill your 2FA code if you don’t care about all those extra issues like physical/offline/etc.? So it really comes down to what you want to get out of that second factor or step two, what do you want to emphasize with it. (1 password It now also supports passwordless, so when you log in somewhere, the extension automatically launches a passwordless service provider, just as when it automatically fills in and provides your username, password, and 2FA code step by step.)

So that Yubikey is only value added if you give importance to what makes Yubikey unique.

Passwordless is confirmation via a previously trusted device. With Apple, this is biometrics and if it is not supported or turned off, then via your device password. At Microsoft, you can choose to use a four-digit pin. I don’t know very well what the options are for Chromebooks, but I’m sure it comes down to the same thing.

Leave a Reply

Your email address will not be published. Required fields are marked *

Back To Top