By KELVIN CHAN, AP Business Writer

LONDON (AP) — If you’re tired of memorizing passwords, then give passkeys a try.

You might have noticed that many online services are now offering the option of using passkeys, a digital authentication method touted as an easier and more secure way to log in. The passkey push started gaining major momentum after Google started accepting them about 18 months ago.

Passkeys are seen as eventual replacements for passwords, but if you’re still not sure what they’re all about, read on:

What are passkeys? And how do they work?

Forget about memorizing an optimized 14 character password consisting of letters, numbers and symbols. Passkeys do away with that because you never need to see them. Instead you are using existing biometrics like your face or fingerprints, digital patterns or PINs to access your accounts.

Passkeys are made up of two parts of a code that only makes sense when they’re combined, kind of like a digital key and padlock. You keep half of the encrypted code, typically stored either in the cloud with a compatible password manager or on a physical security dongle. The other half is stored on the participating apps, services or accounts you want to access.

When you want to log in to your Gmail account, for example, both parts of the code will then communicate directly with each other and give you entry.

Do they offer better security?

A passkey won’t work with any website except the one it has been created for, eliminating the security risks associated with traditional passwords.

That means bad actors carrying out phishing scams won’t be able to trick you into entering your details into a copycat login page for your bank. And because passkeys use cryptographic security, they also can’t brute force their way into your account by trying passwords exposed in previous data breaches or guessing them.

Where can you use passkeys?

Some 20% of the world’s top 100 websites now accept passkeys, said Andrew Shikiar, CEO of the FIDO Alliance, an industry group that developed the core authentication technology behind passkeys.

Passkeys first came to the public’s attention when Apple added the technology to iOS in 2022. They got more traction after Google started using them in 2023. Now, many other companies including PayPal, Amazon, Microsoft and eBay work with passkeys. There’s a list on the FIDO Alliance website.

Still, some popular sites like Facebook and Netflix haven’t started using them yet.

Passkey technology is still in the “early adoption” phase but “it’s just a matter of time for more and more sites to start offering this,” Shikiar said.

How to set up a passkey

I tried setting up passkeys for some of the major online services I use. It was fairly easy for some but confusing for others. Shikiar said his group is constantly working on ways to improve the user experience.

Google users can go to myaccount.google.com and under “How to sign in to Google”, click Passkeys and security keys. Upon reaching the setup screen, I received a prompt to create a passkey while simultaneously my password manager’s browser plug-in popped up offering to save it. I clicked to confirm and the setup work was all done automatically.

So far, pretty easy.

Then, I tried adding more Google passkeys to my Windows-based work laptop and a Yubico physical security key. This time, when I got to the Google setup screen, it asked for my existing passkey to confirm my identity. But then it somehow failed to authenticate through my password manager.

I tried again using other verification methods, including my Google authenticator app that I already had on my iPhone, and it eventually succeeded.

Adding multiple passkeys to my Microsoft account — one on my password manager, another on my Yubico key — involved some head scratching over a few of the prompts, but I eventually figured it out.

Setting up passkeys on LinkedIn and Amazon was much easier. And when I attempted to add a passkey to my WhatsApp account, I discovered I had, apparently, already created one months earlier when I activated the app lock feature requiring a fingerprint scan.

Logging in

Once set up, it was a breeze to sign in to some of my accounts with just a click or two. But there was some friction with my PayPal account because its passkeys don’t work on some browsers, like Firefox.

When I tried to log in with my Amazon passkey, it asked for a one-time verification code from my authenticator app, which confused me because I thought passkeys were supposed to eliminate the need for multi-factor authentication.

Shikiar said it depends on the site, but, in theory, the passkey already has enough protection built in.

“When the primary factor’s un-phishable, other factors aren’t necessary,” he said.

What happens if I lose my passkey?

If you’ve lost the device containing your passkey, that doesn’t necessarily mean it’s gone. That’s because the typical method to store passkeys on phones is a cloud-based password manager from Apple, Google, or third-party providers. So just log back into the password manager from another phone or computer.

Passkeys stored on security dongles, on the other hand, aren’t synced to the cloud so there’s no way to recover them if they’re lost. It’d be a good idea to get a second hardware key and keep it as a backup.

And don’t forget you can always mix both cloud and hardware methods to keep multiple passkeys for extra redundancy.

Should I add a passkeys to all my accounts?

Based on my experience, setting up a passkey can be easy, or tedious and bewildering, depending on the service and what other security technology you want to layer in.

So I wouldn’t recommend doing all your accounts right away.

Instead, choose a few of your most important and frequently used services or accounts and focus on a proper setup for those.

What about my passwords?

In theory, you could delete your old passwords. Some services like Microsoft already offer this option. Shikiar says it should be a “personal preference,” because “some people may feel extremely nervous” about going passwordless.

It’s fine to keep your password but make sure there’s also multi-factor authentication set up for it, he said.

Is there a tech challenge you need help figuring out? Write to us at onetechtip@ap.org with your questions.

Earlier this week came the announcement that A24 and Apple are developing a movie about Sam Bankman-Fried, the FTX cryptocurrency founder who was convicted of fraud in 2023. Lena Dunham is attached to write the script, based on the Michael Lewis non-fiction book “Going Infinite: The Rise and Fall of a New Tycoon.”

My fundamental question is always this: Beyond providing a showy role for an actor hoping for an awards campaign, why adapt an already widely reported story? What unexplored insights are there to be mined?

I was in the minority two years ago when I said we didn’t need “The Dropout,” Hulu’s prestige series about Elizabeth Holmes and her Theranos scam, and I’m probably in the minority saying the same about this project too.

Hollywood executives never seem to tire of this trope, churning out a quartet of series in 2022 that were a variation on the same theme, including the one about Holmes, another about the con artist Anna Delvey, yet another about the rise and fall of WeWork executives Adam and Rebekah Neumann, plus one more about Uber co-founder Travis Kalanick, who resigned from the company after a series of concerning allegations.

It’s unclear what we, as audiences, are meant to get from these projects. Maybe some viewers find some entertainment value, but to me, these shows come across as empty re-enactments that tend to be shrugging in their “welp, corruption!” sensibility.

All that aside, looking ahead to the proposed Bankman-Fried movie, I’m not sure Lewis’ book is the best source material. According to U.S. Attorney Damian Williams, Bankman-Fried “orchestrated one of the largest financial frauds in history, stealing over $8 billion of his customers’ money.” He was sentenced to 25 years in prison and ordered to forfeit $11 billion.

Despite these facts, Lewis has been criticized for developing a “misguided soft spot for the fallen crypto king,” per The Guardian, resulting in a book that is unable to “disguise the fact that Lewis can’t bear to think ill of his subject.”

A 1997 profile of Lewis in Vanity Fair noted that his work “raises the question of how heavily he may be placing his thumb on the scales when he weighs the ingredients of his dashing dispatches” and his “history suggests that he may be particularly susceptible to the lure of a shapely, larger-than-life narrative.”

Those are concerning traits in a non-fiction writer, but ironically, prized skills in Hollywood. Is Dunham, most famous for capturing millennial angst in her TV series “Girls,” the right person to tackle any of this with a clear eye? Time will tell.

As a critic, I’m always curious why certain types of projects get green-lit. A cynical read might be this: These stories don’t galvanize audiences to demand more scrutiny of corruption, but instead deliver a false but reassuring message that the system works because every so often, a powerful figure falls from their lofty perch.

Hollywood has always had an affinity for schemers and maybe that’s because show business is run by similar types: High on their own supply of overconfidence and fast-talking obfuscation. In 2022, when all those prestige series came out, I wrote about a different and far more interesting approach to the scammer genre:

1993’s “Six Degrees of Separation” starring Will Smith (and based on the John Guare play, which was inspired by real events) is a good point of comparison. It’s a movie that’s interested in more than the mere fact of the swindle, but why it worked: Smith’s character has an innate understanding of human nature and, despite the con, a genuine desire and need to connect with people. And the self-congratulatory swells taken in by his lies are really just projecting onto him all their neuroses and biases. Perhaps that’s because Guare (who also wrote the screenplay) wasn’t aiming to recreate a scandal, but instead used a true story to inspire his imagination and poking around the nooks and crannies of human nature.

”Six Degrees of Separation” … feels rich and complicated because it also contemplates the way ideas about race, and the smug assurance that only other white people are racist, plays into the game Smith’s character is running. That’s notably missing from the aforementioned projects. Whether it’s Anna Delvey or Elizabeth Holmes, their whiteness is so obviously key to affording them the benefit of the doubt and getting them through doors. And yet the shows about them aren’t interested in exploring this in any depth.

I’m holding out hope there are screenwriters with deeper things to say about the moral rot that has shaped corporate America. Whether there are media executives and financiers willing to back them is the tougher question.

Nina Metz is a Tribune critic.

By HALELUYA HADERO

After a tumultuous year filled with anxiety and a legal battle about its future in the U.S., TikTok may have just been thrown a lifeline by the man who was once its biggest foe: Donald Trump.

President-elect Trump, who tried to ban the social media platform the last time he was in the White House, has repeatedly pledged during his most recent campaign to oppose a ban on the short-form video app, which could happen as soon as mid-January if the company loses a court case that’s currently underway in Washington.

For months, TikTok, and its China-based parent company ByteDance, have been embroiled in a legal battle with the U.S. over a federal law that forces them to cut ties for national security reasons or stop operating in one of their biggest markets in the world. The measure, signed by President Joe Biden in April, gives ByteDance nine months to divest its stakes, with a possible three-month extension if a sale was in progress. If that happens, the deadline could be extended into the first 100 days of Trump’s presidency.

The companies have claimed that divestiture is not possible, and the law, if upheld, would force them to shut down by Jan. 19, just a day before Trump’s second inauguration. Attorneys for both sides have asked a federal appeals court reviewing the case to issue a ruling by Dec. 6. The losing side is expected to appeal to the Supreme Court, which has a conservative majority and could decide to take up the case, potentially dragging out the process even longer.

When reached for comment, the Trump transition team did not offer details on how Trump plans to carry out his pledge to “save TikTok,” as he said on a Truth Social post in September while encouraging people who care about the platform to vote for him. But Karoline Leavitt, a spokeswoman for the transition team, indicated in a statement that he plans to see it through.

“The American people re-elected President Trump by a resounding margin giving him a mandate to implement the promises he made on the campaign trail,” Leavitt said. “He will deliver.”

During a March interview with CNBC, Trump said he still believed TikTok posed a national security risk but opposed banning it because doing so would help its rival, Facebook, which he has continued to lambast over his 2020 election loss. He also denied changing his mind on the issue because of Republican megadonor Jeff Yass, a ByteDance investor that Trump, at the time, said that he had only met “very briefly.” He said Yass “never mentioned TikTok” during their meeting.

Still, ByteDance – and groups connected to Yass – have been attempting to exert their influence. Lobbying disclosure reports show that this year, ByteDance paid veteran lobbyist and former Trump campaign aide David Urban $150,000 to lobby lawmakers in Washington in favor of TikTok. The company has also spent more than $8 million on in-house lobbyists and another $1.4 million on other lobbying firms, according to Open Secrets.

Meanwhile, in March, Politico reported Kellyanne Conway, a former senior Trump aide, was being paid by the Yass-funded conservative group Club for Growth to advocate for TikTok in Congress. A spokesperson for the organization said Conway was hired as a consultant to conduct polling. Conway and Urban did not respond to requests for comment. TikTok, which has long denied it’s a national security risk, declined to comment.

If the courts uphold the law, it would fall on Trump’s Justice Department to enforce it and punish any potential violations with fines. The fines would apply to app stores that would be prohibited from offering TikTok, and internet hosting services who would be barred from supporting it. Leah Plunkett, a lecturer at Harvard Law School, said from her reading of the statute, the attorney general has to investigate violations but can decide whether or not to drag such companies to court and force them to comply.

Trump could do other things to prevent TikTok from disappearing.

He could issue an executive order to nullify the ban — which Plunkett believes would not be lawful — or urge Congress to repeal the law. That would require support from Congressional Republicans who have aligned themselves with Trump but have also supported the prospects of getting TikTok out of the hands of a Chinese company.

In a statement sent to the AP after the election, Republican Rep. John Moolenaar of Michigan, chairman of the House Select Committee on China, said Trump’s “long-standing concerns” about TikTok align with the law’s requirement for divestment.

“The Trump Administration will have a unique opportunity to broker an American takeover of the platform,” he said.

ByteDance, though, has previously said it has no intention to sell the platform despite interest from some investors, including Trump’s former Treasury Secretary Steven Mnuchin. Analysts say the company is even less likely to sell the proprietary algorithm that fuels what users see on the app. That means even if TikTok is sold to a qualified buyer, it is likely to be a shell of its current self and would need to be rebuilt with new technology.

Sarah Kreps, director of Cornell University’s Tech Policy Institute, said it’s also possible that Trump could take the issue back to the drawing board and direct his administration to negotiate a new deal with TikTok.

TikTok said in 2022, it presented the Biden administration with a draft agreement that would bolster protections for users and provide it more oversight over the company’s U.S. operations. But the administration has argued in court documents in recent months that it would be challenging to enforce the agreement due to the size and the technical complexity of the platform.

Trump hasn’t been privy to new intelligence material on the matter for a few years and it’s possible he could change his mind – and abandon his campaign promise – once he does, Kreps said.

Plunkett, the Harvard Law faculty and author of “Sharenthood: Why We Should Think before We Talk about Our Kids Online,” said if she were counseling TikTok, she would advise them to come up with a divesture plan that is compliant with the law and as favorable to them as possible.

“There is too much uncertainty about what a Trump administration is likely to do,” she said.

Queenie Wong | (TNS) Los Angeles Times

Search giant Google wants people to use its navigation app for more than just finding directions and avoiding traffic.

The tech giant is adding generative AI features to Google Maps so people can easily get recommendations for places to go and activities to do.

With 2 billion people using Google Maps every month, the company envisions people also will turn to the navigation app for inspiration, executives said at a press event at the company’s Street View Garage in Palo Alto on Wednesday.

Miriam Daniel, vice president and general manager of Google Maps, said the search giant has the ability to combine billions of pieces of information the company collects about the world and user reviews with generative AI.

“When we bring all this together, we will transform the way users interact with maps,” she said.

Rather than just finding directions or asking Google Maps to find the nearest gas station, users will be able to type out queries such as “things to do with friends at night in Boston” and get answers through the app. Curated with the help of Google’s generative AI chatbot and model known as Gemini, users then will see results that may include speakeasies or live music. Once the user taps on results for a business, for example, they’ll see a summary of reviews by users in addition to photos and videos of the place.

The AI-powered tools are rolling out this week on Apple and Android devices in the United States.

Google’s latest AI-powered updates underscore how the tech giant is responding to challenges to the company’s dominance in search. As the battle for the future of search heats up, the rise of AI tools such as OpenAI’s ChatGPT that can quickly summarize search results has the potential to reshape how people find and sift through information online.

Tech companies such as Meta, Apple and Microsoft have been responding to this change by infusing more generative AI tools into their products.

Google is no exception. At the company’s press event, a giant Google Map location icon, a blue Rivian vehicle and Google’s Street View cameras used to capture images of various locations filled the space.

As tech titans gather a trove of data about their users to power new generative AI tools, concerns about privacy, misinformation and copyright are some of the top issues companies have had to address.

Google also has faced scrutiny from regulators on its power over people’s lives, with a federal judge ruling in August that the company has an illegal monopoly on the online search market.

Daniel said when Google Maps provides users answers to their questions, the company isn’t using individualized information to provide personal results but contextual ones. For example, if a user asks Google Maps for things to do this weekend and it’s October, some of the suggestions might include seasonal activities such as pumpkin picking and going to a haunted house.

“We really take this seriously in making sure we’re using generative AI responsibly,” she said.

Google also is testing more AI-powered tools in another one of its popular navigation apps: Waze. Users will be able to tap a reporting button and tell the app that there’s a car accident ahead simply by speaking. Waze also will alert users when they’re near a school zone so they can be more careful about driving.

Developers are using Google’s AI technology to build new features in other products. Electric vehicle manufacturer Rivian used Google data so people can see summaries of restaurants, shops and supermarkets from the car’s infotainment screen, a tool that will be rolled out starting next month.

©2024 Los Angeles Times. Visit at latimes.com. Distributed by Tribune Content Agency, LLC.