Passwords can’t go away fast enough, and if you’re the family tech support guy or gal I’m sure you’d agree. Assisting family and colleges with “lost” passwords is just no fun any more. Google has just announced another milestone in the eventual reduction if not replacement of passwords, on device FIDO2 authentication of Google websites via Android screen unlock secure keys.
If you just said, what the what now, don’t worry so did we at first, basically you can now verify your credentials on Google websites via the mobile browser on Android using your “lock screen security” method. For example if you want to look at a password stored in your Google Password manager you can open https://passwords.google.com select a password to view and rather than having to type in your Google password you’ll be handed off to the lock screen authentication system where you can unlock via Fingerprint or what ever you have set as your other unlock methods.
Currently the new feature is only available on Pixel devices, we can confirm it is working for us, but will be rolling out to all Android 7+ (Nougat) devices and above in the coming days, most likely via the Google App. While Google has not overtly said that this feature will be rolling out to website that use Log in with Google we sure hope that that is on their road map.
What Google did say in its blog posts was “you will start seeing more places where local alternatives to passwords are accepted as an authentication mechanism for Google and Google Cloud services”, so that gives us some hope for a password less future. It would be fantastic to be able to rely on secure cryptographically sound mobile authentication for both mobile websites and Android apps in the near future.