Google’s new password security upgrade might work best on the Pixel 4BGR — Chris Smith
Google has a brand new security feature that every Android user out there should be using, as long as they operate devices with built-in fingerprint sensors running at least Android 7. But what’s exciting is that the feature will really shine once the Pixel 4 launches, as Google’s device is already confirmed to feature 3D facial recognition authentication, similar to Apple’s Face ID for the iPhone X-branded phones.
Google will let you sign in to your Google services inside Chrome on Android using nothing but your fingerprint, which is a significant upgrade from the password. You won’t have to bring up a password management application or type in your password to sign in. A fingerprint will suffice.
Moreover, the feature lets you use the same PINs and patterns that unlock your Android phone to sign into the same services, per Google’s help pages. That’s also a great trick, but if you have a fingerprint sensor, then go for that option, because it’s a lot more secure.
With the Pixel 4’s Face ID alternative, logging into Google services should be even easier than that. After all, it’s likely that Google’s new authentication method will also support the Pixel 4’s signature new feature. 3D face unlock is more secure than fingerprint scanning, and Google is already saying that Pixel 4 face unlock will be very fast. The Pixel 4 isn’t expected to also feature a fingerprint sensor. There certainly isn’t one on the back of the handset, and we don’t expect Google to place one under the screen.
Not all Google services associated with your Google account will work with the new authentication methods, but Google will expand coverage for the feature in the future.
What’s interesting about Google’s new approach to passwords is that there’s no risk of anyone intercepting your data. The credentials are stored on the device, which means attackers won’t be able to trick you into filling a username and password combination into a fake site that looks legitimate. The new functionality is built using FIDO2 and the WebAuth protocol, The Verge reports, with all devices running Android 7 or later being FIDO2-certified.
You can test out the feature over at passwords.google.com from your Android device using the Chrome browser. If it’s not working on your device, then you’ll have for Google to make it available. It’s unclear whether the feature will work in any other internet browsing apps on Android in the future. For the time being, it looks like a Chrome-only trick, one that might make the browser an even more attractive option for Android users in specific markets.