PASSWORDS are dangerous – even if you’ve got a really good one.
I’ve switched to a new way of logging in after very serious Google warnings reveal how passwords leave your emails, texts, photos, and even bank account exposed.
Google is urging people to create Passkeys as a safer alternative to passwords[/caption]
THE PASSWORD PROBLEM
For years, we’ve been told that it’s important to have a strong password. Well, that’s true.
But it gives you a false sense of security. Even with a good password, you’re still not totally safe.
They’re easy to forget unless you make them simple, which makes it easy for hackers to guess.
And if you re-use them across multiple apps, hackers can then easily break into all of your accounts in one go.
And even if you use a password manager, your log-in is still at risk from leaks and hacks.
Just tap your email into HaveIBeenPwned to see all of the leaks your account has already been caught up in.
If it hasn’t happened yet, it’s only a matter of time.
Think of all the stuff that is tied to your email.
It’ll be your social media profiles, your emails, your iCloud or Google Drive with all of its texts and photos, your bank accounts, apps that you have your credit card tied to, and so much more.
And if hackers break in, not only can they cause trouble with all of that, they can also pose as you to scam your friends, family, and colleagues too.
So you want to keep your accounts locked down as tightly as possible to avoid a massive (and potentially costly) headache.
Tech giants have repeatedly warned about the dangers of passwords, including Google.
In fact Google recently said it wants to “make passwords a rarity, and eventually obsolete”.
“For some time we and others in the industry have been working on a simpler and safer alternative to passwords,” said Google’s Christiaan Brand.
Passkeys can be created in a matter of seconds for your most important online accounts, including Google[/caption]
“While passwords will be with us for some time to come, they are often frustrating to remember and put you at risk if they end up in the wrong hands.
“Passkeys are a new way to sign in to apps and websites.
“They’re both easier to use and more secure than passwords, so users no longer need to rely on the names of pets, birthdays or the infamous ‘password123’.”
PASSKEYS – THE SAFER WAY
If you haven’t heard of Passkeys, don’t worry – they’re fairly new.
PASSKEY PARADISE
Here’s Google’s Sampath Srinivas official explanation for Passkeys…
“When you sign into a website or app on your phone, you will simply unlock your phone — your account won’t need a password anymore,” Sampath explained.
“Instead, your phone will store a FIDO credential called a passkey which is used to unlock your online account.
“The passkey makes signing in far more secure, as it’s based on public key cryptography and is only shown to your online account when you unlock your phone.
“To sign into a website on your computer, you’ll just need your phone nearby and you’ll simply be prompted to unlock it for access.
“Once you’ve done this, you won’t need your phone again and you can sign in by just unlocking your computer.
“Even if you lose your phone, your passkeys will securely sync to your new phone from cloud backup, allowing you to pick up right where your old device left off.”
Picture Credit: Google
You unlock to an app or website using the same method you unlock your device.
So, for instance, scanning your fingerprint or your face (like Face ID on an iPhone).
“Unlike passwords, passkeys are resistant to online attacks like phishing, making them more secure than things like SMS one-time codes,” Christiaan said.
Imagine trying to get into a club or gym. The old way would be telling the person on the door a secret code, and they’ll let you in.
You can also create Passkeys on your iPhone and then log in via Face ID[/caption]
What if someone overhears the code, or guesses it outright? Or maybe someone at the club gives your code to someone else. It’s not a secure method.
With Passkeys, it would be like touching a fingerprint scanner on the door – or scanning your face.
No one can steal it, and it can’t be leaked. It’s just you verifying yourself – no passwords at all.
You can set up a Passkey for your Google account right now just by going into settings.
And it’s not just Google – lots of other apps also offer Passkey support.
There’s a long list of services now offering Passkeys, including:
- Amazon
- Apple iCloud
- Bolt
- Discord
- eBay
- Microsoft
- Nintendo
- PayPal
- Sony PlayStation
- Roblox
- Snapchat
- TikTok
- Uber
- X (Twitter)
Switching to Passkeys means you can avoid having to log in with a password.
Mac owners can use Passkeys by verifying log-ins using the built in Touch ID fingerprint scanner[/caption]
And more apps and websites are offering Passkey log-ins all the time.
Of course, no system is entirely safe.
So the best advice is still to be cautious when browsing the web.
Don’t click on unsolicited links sent to you over email or text, always triple-check that you’re sending money to the right person, and avoid falling prey to too-good-to-be-true offers and high-pressure conversational tactics designed to make you slip up.
And make sure to keep your devices and apps updated with the latest software, as tech giants use these to deliver security fixes that close dangerous loopholes in your gadgets.
Even with Passkeys, you’re not hack-proof – so always keep your guard up online.
It’s better than passwords, but your strongest protection is still yourself.
