Announcement

Google Introduces Passkeys: What Does That Mean for Password Managers?

May 6, 2023
Google-Introduces-Passkeys-What-Does-That-Mean-for-Password-Managers

Passwords are still widely used and will continue to be for some time. However, last year, Google made an important announcement in collaboration with the FIDO Alliance, Apple, and Microsoft. They expressed their commitment to supporting passkeys as an alternative to passwords, providing enhanced security and convenience. 

And yesterday, just in time for World Password Day, they began rolling out passkey support for Google Accounts on all major platforms. Passkeys will now be an additional option to sign in with, along with passwords, 2-Step Verification (2SV), and other methods.

What Is a Passkey?

Passkeys are a way to access online accounts without typing in a password. 

They consist of a pair of cryptographic keys – a private and a public key; that are incredibly secure and impossible to crack. The public key is shared with the website or app, while the private key stays on your device and is never shared with anyone.

When you’re asked to sign in to an app or website using a passkey, you can approve the sign-in using the same biometric (like your fingerprint or face recognition) or PIN that you use to unlock your device (phone, computer, or security key). The private key of the corresponding passkey stored on the device will be used to authenticate and sign into the service. 

Benefits of Passkeys

Passkeys offer several key benefits that improve convenience, ease of use, and enhance security and protection.

1. Protection Against Phishing Attacks

Passkeys are based on FIDO Authentication, which has demonstrated high resistance to a range of threats, including phishing, credential stuffing, and remote attacks. Unlike passwords, passkeys are phishing-resistant. They are specifically bound to the designated website or app, reducing the risk of being tricked by a fake website.

2. Resistance to Brute-Force Attacks

They are designed to be highly resistant to brute-force attacks. Utilizing advanced cryptographic techniques, they render it virtually unfeasible for potential attackers to generate the precise keypair within a finite time frame.

3. Seamless Login Experiences Across Devices and Platforms

Passkeys can be synced across multiple devices via a cloud service. Regardless of whether you’re using a phone, tablet, or computer, you can use the same passkey to access your accounts. 

4. Unique and Complex Passkeys for Each Account

Passkeys are generated independently for each service or website you use. This means that even if one account is compromised, the unique Passkey used for that account won’t work for any other service. It compartmentalizes the risk, providing an additional layer of security.

Looking Ahead: Enpass Will Support Passkeys

Today, passkeys are being introduced as the future pathway, but traditional passwords are still in use. To increase the adoption of passkeys, users need an efficient way to manage both. Currently, users have limited options to generate and store passkeys like Apple keychain. A potential challenge for password manager users arises from the inconvenience and complexity of managing passwords and passkeys independently.

At Enpass, our dedication lies in delivering secure and user-friendly credential management solutions for our valued users. As a member of FIDO Alliance, we are currently working on adding support for storing passkeys in Enpass. Once introduced, you will be able to effortlessly use Enpass to manage your passkeys alongside your passwords.

Our users love Enpass for the freedom it provides, allowing them to choose their preferred secure location for storing their vaults. We want to assure you that, even with the introduction of passkeys, Enpass will remain committed to upholding these values, ensuring your trust and satisfaction.

Related posts

Enpass iOS Passkey blog image
Security

Enpass steps into the passwordless future with passkey management for iOS

September 19, 2023

Great news! Apple has just released iOS 17, which includes a major leap forward in security: Opening up passkey management to password managers like Enpass. Even better news! Enpass has just released an update to go along with this change. You can now create passkeys in Enpass and sync them between devices, along with your […]

Strong Password
Security

Why Are Strong Passwords Still Crucial Even with MFA Enabled?

May 15, 2023

In 2021 alone, 6 billion user accounts suffered data breaches, setting a new (not so happy) record for data breaches. 2022 was no better. The bottom line is that individuals and businesses must better protect themselves against cybercrime. The two most effective ways to safeguard sensitive information are strong passwords and multi-factor authentication (MFA). Together, they […]

Password-Manager-Breaches-Should-you-Worry-As-A-User
Security

Password Manager Breaches: Should You Worry as a User?

February 9, 2023

Disturbing reports of high-profile data breaches involving popular password managers have become more frequent. LastPass and Norton Password Manager were recently hacked, which has raised concerns about the security and reliability of using such tools to store sensitive information. These security breaches can naturally make anyone nervous about the safety of their data. But these […]