Rather than remembering and accurately typing in a password to sign in to some of its services on Android phones using Chrome browser, Google will now make it possible to just use your fingerprint.
The feature, which has been rolled out to some Android phones last week, will be implemented in all phones running Android 7 or later “over the next few days,” said Google. According to a Google help page, the feature also allows you to log in using whichever method you have set up to unlock your phone, which can include pins and pattern unlock.
Android phones already let you use your fingerprint to authenticate Google Pay purchases and log in to apps. What is new here is being able to use that same fingerprint to log in to one of Google’s web services within the Chrome browser. At the moment, you can use the functionality to view and edit the passwords that Google has saved for you at passwords.google.com, but Google says it plans to add the functionality to more Google and Google Cloud services in the future.
When you visit passwords.google.com you will be prompted to verify your identity using a fingerprint. Not having to remember a password means this is a much more convenient way to log in, and it is also much more secure. Passwords have all kinds of vulnerabilities, even before you consider the fact that a lot of people reuse them across multiple sites. However, with this method, credentials are stored locally on your device so they cannot be intercepted or hacked off a company’s servers, and they are also impossible to ‘phish’ by tricking you into visiting a fake website. Using a password manager along with two-factor authentication helps mitigate a lot of these vulnerabilities, but the new method Google is using removes them entirely.
If you have a compatible Android handset, then you can try the functionality out now by heading over to passwords.google.com using the Chrome app on your phone. This service lets you manage all of the passwords that Chrome has saved for you. If you tap on any one of these saved passwords, then Google will prompt you to ‘Verify that it’s you’. At this point, you can authenticate using your fingerprint or any other method you would usually use to unlock your phone. You will need to already have your personal Google Account added to your Android device for this to work.
Google’s new functionality is built using FIDO2 and the WebAuthn protocol, an open standard that sites can use to secure web-based logins. FIDO2 is much more secure than regular passwords. All Android devices running version 7.0 or later are FIDO2-certified, and Google lets you use an Android phone as a 2FA security key to log in to your account using the same technology.
Read Today's News TODAY... on our Telegram Channel click here to join and receive all the latest updates t.me/thetimeskuwait
