Google Chrome Gains Support for Passkeys, Making it Easier to Log Into Websites and More

[ipedro]

The other issue is sharing Passkeys. My wife and share passwords for our bills, how can you do this with Passkey? You can't.

Yes, you can share Passkeys with your wife or as many people as you want. You can AirDrop a Passkey to people you trust. Their own authentication then works without your intervention.



That said, best practices are for sites where multiple users are likely to need access such as banks, utilities, video streaming etc to have managed Access and Permissions by individual. You are you, your wife is your wife. You shouldn't need to have the same login. Instead, in your account's access and permissions, both of you should be designated as people who have access and permissions to do things with your own profiles.

I hope passkeys remain optional forever. It sounds like a system that requires having a mobile device on you at all times, I'd hate to keep unlocking my phone just to log in to a website on the desktop. Having a password manager is so much simpler.

Where do you have the password manager? On your computer? Then your computer will have access to the Passkeys without the phone. A Passkey doesn't just exist on one device. It can be shared to different devices.

 

[Mr. Heckles]

Yes, you can share Passkeys with your wife or as many people as you want. You can AirDrop a Passkey to people you trust. Their own authentication then works without your intervention.

View attachment 2126416

That said, best practices are for sites where multiple users are likely to need access such as banks, utilities, video streaming etc to have managed Access and Permissions by individual. You are you, your wife is your wife. You shouldn't need to have the same login. Instead, in your account's access and permissions, both of you should be designated as people who have access and permissions to do things with your own profiles.

But looking into this, you can’t share with someone who has Android. I should have added that part to be more clear.

Our utilities only allow one login per household, so we have too. Same for our mortgage, vehicle payment, and some other things, we can only have 1 login.

I also want her to have access to my retirement info and I have access to hers, along with life insurance.

 

[antnythr]

Yes, you can share Passkeys with your wife or as many people as you want. You can AirDrop a Passkey to people you trust.

How would you send a passkey to someone on a desktop windows machine on the other side of the country?

 

[thecombatwombat]

But looking into this, you can’t share with someone who has Android. I should have added that part.

Yeah, in practice, I think this is going to be the biggest problem with passkeys. It's an open standard, but big tech, particularly Google and Apple, seem to be trying hard to use it to lockin users to their ecosystems. Both see this huge opportunity where users have dozens if not hundreds of passkeys synced to their devices and accounts, and now have an even harder time jumping from iOS to Android and back.

Some kind of neutral backup/restore/sharing standard probably should have been worked out early.

 

[kitKAC]

Yeah, in practice, I think this is going to be the biggest problem with passkeys. It's an open standard, but big tech, particularly Google and Apple, seem to be trying hard to use it to lockin users to their ecosystems. Both see this huge opportunity where users have dozens if not hundreds of passkeys synced to their devices and accounts, and now have an even harder time jumping from iOS to Android and back.

Some kind of neutral backup/restore/sharing standard probably should have been worked out early.

Save the passkeys into a cross-platform Password Manager. Problem solved.

 

[thecombatwombat]

Save the passkeys into a cross-platform Password Manager. Problem solved.

Sort of. Does either iOS or Android, or desktop Chrome or Safari, allow you to fill passkeys from third party password managers like they do passwords?

As far as I can tell, neither does. On the desktops you can kind of use a QR code, but there is no good way to say, store a passkey on bitwarden or 1Password, and use it with an app on either platform? Maybe I'm just behind?

If they did, yes, that would help the individual, but still be a problem for adoption.

 

[Mr. Heckles]

Sort of. Does either iOS or Android, or desktop Chrome or Safari, allow you to fill passkeys from third party password managers like they do passwords?

As far as I can tell, neither does. On the desktops you can kind of use a QR code, but there is no good way to say, store a passkey on bitwarden or 1Password, and use it with an app on either platform? Maybe I'm just behind?

If they did, yes, that would help the individual, but still be a problem for adoption.

1Password looks like they are doing something that might work great, and no QR codes needed. I assume others will follow.

https://www.fastcompany.com/90812818/1password-wants-to-ditch-passwords-without-locking-you-in-to-one-platform?

 

[nsayer]

The question I have is about cross-browser support. Can you use Chrome with passkeys that were established using Safari on the same computer? I assume Safari passkeys are stored in the keychain. Will Chrome have access to those same keychain based passkeys?

This is not as stupid a question as it seems... So far as I am aware, it's not possible to share Safari passwords with Firefox or Chrome... Would love to be educated if that's not the case.

 

[thecombatwombat]

1Password looks like they are doing something that might work great, and no QR codes needed. I assume others will follow.

https://www.fastcompany.com/90812818/1password-wants-to-ditch-passwords-without-locking-you-in-to-one-platform?

Yeah, 1Password's status is part of what I was getting at. That "plan" seems more like "hope Google and Apple won't make it as hard as possible for our app to work." I mean, what comes to desktop PCs first anymore? The mobile platforms will need a way to provide passkeys kind of like they allow apps to fill passwords. I believe there sort of is a standard, they can appear as a virtual version of a hardware device like you can for 2FA . . . but I don't think either mobile platform implements that either. They could display the browser like they do for hardware keys, and allow an app to act like a virtual key.

From what I can tell, they saw the writing on the wall, and joined Fido, hopefully not too late.

 

[Mr. Heckles]

Yeah, 1Password's status is part of what I was getting at. That "plan" seems more like "hope Google and Apple won't make it as hard as possible for our app to work." I mean, what comes to desktop PCs first anymore? The mobile platforms will need a way to provide passkeys kind of like they allow apps to fill passwords. I believe there sort of is a standard, they can appear as a virtual version of a hardware device like you can for 2FA . . . but I don't think either mobile platform implements that either. They could display the browser like they do for hardware keys, and allow an app to act like a virtual key.

From what I can tell, they saw the writing on the wall, and joined Fido, hopefully not too late.

Why will it be too late? Passkey isn’t going to change everything over night. I wished I saved it, but there was an article on how will passkey work with work computers. Most people keep work and personal stuff separated.

I think some of the big company websites will go to passkey, but the small companies will take a while, if ever.

 

[thecombatwombat]

Why will it be too late? Passkey isn’t going to change everything over night. I wished I saved it, but there was an article on how will passkey work with work computers. Most people keep work and personal stuff separated.

I think some of the big company websites will go to passkey, but the small companies will take a while, if ever.

Not too late in some absolute sense, but too late to avoid seriously hurting adoption. Sort of like how say by the time HD DVD died, most consumers who had been holding out didn't care anymore.

By the time their plan is viable, likely most users who want to use it are already locked into either Google or Apple with no good way to export their keys, and a large chunk more are mad at/distrustful of the whole system. By the time they get in, most of their would be users will be either locked in, or suspicious of the whole idea.

I'm not saying it's DOA or anything, just the opposite, I'm just saying of the hurdles it has to overcome, this is the biggest one.

 

[svish]

Good move. Hoping to see it being widely used in the near future.

 

[Beautyspin]

If this becomes a standard, 1Password could see a massive decline in users…

Maybe not. 1Password could support this, if it is technically feasible.

Introducing passkeys in Chrome

We announced in October that passkey support was available in Chrome Canary. Today, we are pleased to announce that passkey support is now ...

blog.chromium.org

"On Android your passkeys will be securely synced through Google Password Manager or, in future versions of Android, any other password manager that supports passkeys."

 

[cyb3rdud3]

With the newest breach I am not sure why anyone still uses 1Password. BitWarden is the one to use these days, but if this takes off then even they could be impacted.

???

There was no breach of 1Password, please don't spread false news and misinformation. A bad thing to do.

 

[cyb3rdud3]

If this becomes a standard, 1Password could see a massive decline in users…

Possibly by users like you who may not see the big picture, in the same way that Apple started with a built-in password manager.

There are benefits to using passkeys with 1Password. This includes support for multiple devices, platforms, and cross-platform sync, as well as data portability and passkey sharing.

And, of course, it's not just passkeys in Safari and Chrome, there are many more browsers, as well as single sign on, traditional authentication, multifactor authentication integration, shared vaults, and many more.

 

[_Spinn_]

Good to see Passkey support expanding but I’m going to wait until I can store them in Bitwarden.

 

[_Spinn_]

Has anyone seen any of the big sites out there supporting Passkeys/WebAthn yet? I’ve yet to come across one in the wild. I saw articles that PayPal was starting to roll it out in October, but it hasn’t shown up for me as an option yet.

I found this site that lists sites that support Passkeys.

Passkeys.directory

A community-driven index of websites, apps, and services that offer signing in with passkeys.

passkeys.directory

 

[_Spinn_]

i still don't buy using passkeys. i'm happy using ios and bitwarden to store passwords. i always generate strong passwords and use 2fa where i can.

i don't want keys stored on my android or iphone. i mean i don't mind using ios password manager but i want to be able to move passkeys away from it if i need to. bitwarden is my main manager i just use ios to make it a bit easier and quicker for some sites and apps. i want to be able to have a back up of them at all times.

I think you’ll be able to store your Passkeys in Bitwarden. 1Password announced this, and I’m sure you’ll be able to do this in Bitwarden.

Bitwarden is working on supporting passkeys.

✅ Store WebAuthn/FIDO2 Credentials in Bitwarden (Passkey support)

Hey @Yeroc the team is already working on passkey support 👍

community.bitwarden.com

 

[Lethen]

Possibly by users like you who may not see the big picture, in the same way that Apple started with a built-in password manager.

There are benefits to using passkeys with 1Password. This includes support for multiple devices, platforms, and cross-platform sync, as well as data portability and passkey sharing.

And, of course, it's not just passkeys in Safari and Chrome, there are many more browsers, as well as single sign on, traditional authentication, multifactor authentication integration, shared vaults, and many more.

Why do people say Apples built-in password manager isn't cross platform? I use it to enter passwords in Edge browser on my windows PC, works fine (uses official iCloud sync and browser plug-in)

 

[cyb3rdud3]

Why do people say Apples built-in password manager isn't cross platform? I use it to enter passwords in Edge browser on my windows PC, works fine (uses official iCloud sync and browser plug-in)

Does it support Android phone? How about Linux? How about none chromium based browsers? No its not cross platform...

 

[Lethen]

I don’t know about those platforms, it’s “cross platform” enough for my needs.

 

[0924487]

Yes that's the problem. Your vault is most likely to be synced with iCloud which means the SPOF is iCloud as always.

You don’t really have to sync it as it’s a static thing. You have one public key and one private key for all websites. The websites store your public key.

 

[cyb3rdud3]

I don’t know about those platforms, it’s “cross platform” enough for my needs.

Ok so it's not cross platform then

 

[The_Cynic]

What if you use a desktop Mac with no WebCam and no touch ID on the keyboard?

Reconsider all your life options, wallow in a fit of despair how much time you have wasted….

 

[Lethen]

Ok so it's not cross platform then

Windows is another platform, so that's one crossing. (I'm not a native English speaker, so things might be lost in translation, how many platforms must you cover before it's ok to say your software is cross platform? )