Take a fresh look at your lifestyle.

iPhone and Android users told to use passkey trick to protect ‘goldmine’ feature


ANYONE with an iPhone or Android is being urged to try a clever new feature called passkeys.

A passkey is designed to be a replacement for your password.

You can use a fingerprint scanner to unlock your passkey-sealed accounts


You can use a fingerprint scanner to unlock your passkey-sealed accountsCredit: Google

The benefit is that a passkey should be easier to use while offering far greater protection.

Passwords are widely considered to be a very poor way for you to seal your accounts.

And cyber-experts say that it’s extremely risky to be using passwords alone to protect one service in particular.

“Your email is a goldmine for cybercriminals because of the extensive amount of information an attacker can gain from it,” said Aranza Trevino, of Keeper Security.

“Making it important to protect your email from unauthorized access.”

Aranza continued: “If a scammer were to gain access to your email, they could easily use the ‘Forgot Password?’ option to send a password reset email, enabling them to change your passwords and gain access to your other accounts.

“Just like that, they’ll be able to compromise almost any of your online accounts.”

The security expert recommended switching to passkeys instead.

Passkeys let you log in with a scanner on your phone, like Face ID facial recognition or a fingerprint sensor.

Google explains passkeys as it makes passwords ‘obsolete’

They can’t be hacked, leaked, forgotten, or accidentally given away.

Apple and Google have both been hard at work to offer them on their devices.

And they’re very easy to set up once you know how.

“To prevent scammers from accessing your email, you should use a passkey to log in (if available), enable MFA and have an email recovery option set up,” Aranza revealed.


Here’s the official list from Google…

  • You won’t have to remember a sequence of letters, numbers, and characters.
  • You can sign into accounts with fingerprint or facial recognition technology.
  • You can use passkeys across different operating systems and browser ecosystems, and with both websites and apps.
  • Passkeys are strong enough to never be guessed or reused, making them safe from hacker attempts.
  • Passkeys are connected to the app or website they were created for, so you can never be tricked into using your passkey to sign in to a fraudulent app or website.
  • Passkeys from Google Password Manager are available across all Android apps.

She went on: “A passkey is a passwordless authentication method that allows you to sign in to your account without having to enter a password.

“Passkeys leverage biometric information, such as fingerprint or facial recognition, to confirm your identity.

“Passkeys are more secure than passwords because they are phishing-resistant, error-proof and support Two-Factor Authentication (2FA) by design.

“Therefore, they should be used as a sign-in method for every account they’re supported on.”

You'll be able to use your passkeys on your phone – and on other devices too


You’ll be able to use your passkeys on your phone – and on other devices tooCredit: Google

Not all apps offer support for passkeys yet, but the number of services that let you use them is growing rapidly.

And popular email apps like Google’s Gmail and Microsoft’s Outlook already offer passkey support.


It’s extremely simple.

Apple will let you save passkeys for accounts that support them


Apple will let you save passkeys for accounts that support themCredit: Apple

First go to set up a new account – or sign in to an existing one – on a website or app that supports passkeys.

If you’re using an existing account then you might need to go into your account settings.

You should see an option to save a passkey for the account.

Hit Continue and then follow the instructions to save your passkey – which will be stored in Settings > Passwords on your iPhone.

How does Apple’s FaceID tech work?

Apple’s facial recognition system for the iPhone X isn’t massively complicated. Here are the steps your phone takes:

  • The phone will use various sensors to work out how much light it needs to illuminate your face.
  • It then floods your face with infrared light, which is outside the visible spectrum of light.
  • A dot projector will produce more than 30,000 dots of this invisible light, creating a 3D map of your face.
  • An infrared camera will then capture images of this dot pattern.
  • Once your phone has all that info, it can use your face’s defining features – like your cheekbone shape, or the distance between your eyes – to verify your identity.
  • It computes a score between 0 and 1, and the closer it is to 1, the more likely it is that your face is the same as the one stored on your iPhone.
  • Apple says there’s a one-in-a-million chance of someone else getting into your iPhone with Face ID, although the system has been tricked with twins.
  • Still, it’s arguably better than the alternative: Apple’s Touch ID fingerprint scanner has a one-in-50,000 chance if being fooled.

Then you can simply log in with the passkey next time using Face ID or Touch ID – or with your device passcode if that fails.

If you’re signing in on another device then you’ll need to use your iPhone camera to scan the website’s QR code and log in that way.


It’s a similar process for Google’s passkeys on Android.

You can save your Android passkeys inside the Google Password Manager


You can save your Android passkeys inside the Google Password ManagerCredit: Google

Just go to sign up or log in to a website or app and look for the option to create a passkey.

Make one and then it’ll be saved to your Google Password Manager.

This will make your passkey available across all Android apps.

You can find your passkeys by going into your device settings and choosing Passwords.

6 Essential Safety Tips for Online Shoppers

And like on iPhone, you can scan a QR code with your Android phone camera to sign in with a passkey on another device – like a laptop.

Google adds the following tip: “After you scan the QR code on an Android device, you can choose to remember your computer.

“If you do, the computer shows your Android device as an option when you need a passkey.

“When you select it, you receive a notification on your device to verify your identity.”

Leave A Reply

Your email address will not be published.