Carla Roncato, Vice President of Identity at WatchGuard Technologies, provides invaluable insights into revolutionizing digital authentication through passkeys and multi-factor authentication methods, offering a robust solution to the perennial challenge of password security.
Carla Roncato, Vice President of Identity, WatchGuard Technologies
On this World Password Day, we should all pause and think about how we can adopt passkeys. Passkeys represent a significant industry shift in identity security, moving away from traditional credentials of usernames and passwords to a more secure “no knowledge” approach to authentication that is a vastly better user experience. As a form of passwordless authentication, passkeys aim to eliminate the inherent risk factors of traditional credentials.
Why not go further than “thinking and reading about passkeys?” Try passkeys! Here are the steps to set-up a passkey in Google Chrome browser on a Windows 11 laptop that is already enabled with Windows Hello Face Recognition:
Log on to your Google Account at myaccount.google.com using Chrome browser.
On the left side of the window, click on Security.
Under the “How you sign in to Google” section, click on Passkeys.
Click the “Create a Passkey” button.
Follow the prompts to verify your identity and “Save your Passkey”.
Set the option to skip passwords when possible in your security settings.
Test your passkey by signing out and signing in again.
A computer that runs Windows 10 or 11, macOS Ventura+, or ChromeOS 120
A mobile device that runs at least iOS 16 or Android 9
A modern browser such as Chrome v123.0 or Edge v123.0
A hardware security key that supports the FIDO2 protocol (optional)
And remember, any use of biometrics and biometric data for fingerprint or face unlock remains on your device and is never shared with Google (in this example) or any website that accepts passkeys.
In the spirit of World Password Day, now let’s delve into better password hygiene and password management practices. First, it’s time to do away with weak and reused passwords. Use complex passwords, consisting of >16 random characters or passphrases unique for every login. Since that can be onerous, using a password manager is optimal. Password managers can auto-generate and securely vault complex passwords. Plus, with a password manager, there is only one password you’ll have to remember: the one for your vault.
Passwords alone are woefully insufficient; you should always use multi-factor authentication (MFA). By combining multiple factors of authentication, you verify that the use of your credentials is really YOU. MFA is still considered a significant (albeit not a complete) deterrent for hackers attempting account takeover.