Google you are working on a new system so that by using Chrome You shouldn't have to enter a password every time you want to access your online services. The idea is that you can Log in with your mobile device in a simple, fast and very secure way, taking advantage of the fact that your smartphone It's already your most important personal device and the one you always carry with you.
Web Authentication API: advocating for a password-free future
Google He is always looking for new ways to improve the relationship between users y Technological devicesOne of the most widespread ideas is that our phones Units They are always with us and have become, in practice, a extension of our digital identityThey are the key to accessing our accounts, the tool we use to confirm transactions, and the device where You receive most important notifications.
In this sense, a smartphone can become our identity and our signatureOur passport and our ID card in the technological world. We have already seen how Google have implemented something like this for their account logins, with a two step verification which depends on the mobile phone and a simple notification in which we confirm that yes, it is we who are trying to access it.
Web Authentication API It is a new standard devised by the World Wide Web Consortium in collaboration with other entities and large technology companies. Its objective is that the traditional passwords become a thing of the past in everyday life. Once configured, authentication no longer depends on remembering a password and instead relies on secure credentials stored on your device, such as cryptographic keys associated with your mobile phone, your security key, or your device.
With this system, accessing an account will not depend on remembering a long and complex password, but on having your [access code/database] on hand. mobile to identify youFurthermore, it relies on technologies such as identity services and federated login, which allows you to use a single account to identify yourself on multiple websites without sharing your password with each of them.
Of course, it will be just one option among many. The concept contemplates having a button that says Sign in with your mobile or through a identity serviceOnce pressed, you will need to enter the pattern, PIN, or use our fingerprint or facial recognition on our phone to complete the login process. Essentially, it's still two-step verification, but one that retains the advantages of encryption and security without forcing the user into complex configurations, making this method very suitable for people with little technical knowledge.
This approach is also integrated with mechanisms such as the third-party loginThat is, federated login through services that store and manage your identity on the webIn this way, Chrome can show notifications asking if you want to sign in to a website using your Google account or another compatible identity service, in a controlled manner and respecting the permissions you have granted.
Chrome 67 introduces Web Authentication API in the desktop version
The first step in this direction has been taken with the introduction of Web Authentication API in the Google Chrome version 67Google's browser has been updated to receive the necessary components that allow this new system to be used on both computers and mobile devices, and the idea is that more and more platforms and services will take advantage of these capabilities.
Once the browser supports this technology, the next step is that each website Begin implementing the system. It should gradually become a new standard that coexists with the other login options: username and password, verification codes, physical security keys, or mobile-based authentication. When adoption is widespread enough, Chrome will have come much closer to its goal of letting you forgetting passwords in daily use.
This new standard is not exclusive to Chrome. Firefox It should also work, while for its implementation in other browsers such as Edge Work has been progressing gradually. The sector's common goal is to offer consistent login experiences and more secure, regardless of the browser or device you use.
In addition, Chrome integrates other identity-related features, such as the management of third-party login notificationsFrom your browser settings, you can decide whether websites can show you prompts to log in with an identity service, whether you want that login to be automatic, or whether you prefer to block those types of notifications. This gives you greater control. control over your privacy and about the ways in which websites can request your authentication.
How Chrome sign-in with identity services works
El third-party login It's a type of federated login that allows you to authenticate using a identity service Instead of having to create unique credentials for each site you visit, Chrome may display dialog boxes asking if you want to sign in using your Google account or another supported identity provider when browsing the web.
With Chrome, you can sign in to websites using the identity service of your choiceThis service stores and manages your login information and your identity on the web, always based on the permits that you have granted. This reduces the number of passwords you need to remember and improves the overall security of your online accounts.
In addition, Chrome incorporates features such as password managerThis allows you to generate secure keys, save and use them with autofill, and receive alerts if any of them are compromised. Together with the Web Authentication API and mobile login, it creates an environment where the login experience is more comfortable and more protected.
Signing into Google on your mobile: how it works in practice
You no longer have to type your password every time you need to log into your Google accountYou can now log in quickly and securely with your mobile Thanks to the login system that sends a notification to your device. This method integrates seamlessly with Chrome and the rest of Google services.
Sign in to Google with your phone It's as simple as entering your email address on the device you want to access, unlocking your phone, and tapping on it. Yes When the notification appears, you will automatically be logged in to your Google account without having to type your password on the computer, tablet, or device you are using.
How to configure mobile login
To use your phone to log in, you will need to configure your device in your account and activate this new access method. To do this, you must access the specific section of your Google account where the option is offered:
- Use your phone to log in
In the first step they will ask you select which phone You want to log in and check that you have a set up screen lock safe and a recovery phone To continue. These requirements are key to maintaining the security of your digital identity if you lose your device or if someone tries to impersonate you.
In the second step, the settings will show you a test run From the mobile login. Tap Next and you will receive a notification It will ask if you're trying to log in from another computer or device. Tapping "yes" on your mobile device verifies your identity and you'll be able to log in. Activate the login feature with your phone by clicking on Activate.
How to use phone login on a daily basis
Once you activate phone login, every time you need to log in with your Google account From a new device, Chrome will show you the option to use your mobile device. At the same time, you will receive the update on your smartphone. confirmation notificationIn many cases, simply unlocking the device and tapping on Yesbut on other occasions you will be asked to enter the Lock PINuse your fingerprint or confirm a number that appears on screen as an additional security measure.
This system takes advantage of the fact that you always carry your mobile phone with you to give you an extra layer of protection against unauthorized accessEven if someone knows your email address, they won't be able to log in without physically having your phone and being able to unlock it, which greatly complicates any attempt at impersonation.
How to disable mobile login or switch devices
If at any point you want to stop using this method or need to receive notifications on another phone, the proceedings It's very simple. You just have to log back in to:
* Use your phone to log in
From there you can Disable mobile loginRemove a device you no longer use or set a new smartphone as your primary device. It's advisable to check this section when you change phones, sell your phone, or stop using it, to prevent a device you no longer control from being associated with your account.
This entire ecosystem of options that combines Web Authentication APIMobile login, identity services, and a password manager make Chrome a very complete tool for managing your digital identity. The result is an experience where logging in is more convenient and faster, but above all, much more secure. attacks and credential theft.
