Google has taken a major step towards a passwordless future with the launch of passkeys for Google accounts. This new cryptographic key solution eliminates the need for traditional passwords, as well as other sign-in methods such as two-factor authentication or SMS verification. Instead, users can use a local PIN or biometric authentication like fingerprint or Face ID to access their Google accounts.
Passkeys are a safer and more convenient alternative to passwords, as they exist only on the user’s devices and cannot be stolen in a phishing attack. The biometric data used for passkeys is not shared with Google or any third party, which provides greater security and protection for users. Passkeys are also compatible with any device running iOS 16 or Android 9 and can be shared with other devices using services like iCloud or password managers like 1Password.
Google users can immediately switch to passkeys and ditch their passwords and two-step verification codes when signing in. However, users should never create passkeys on a shared device, as anyone with access to the device can gain access to their Google account. Additionally, users can revoke passkeys in the Google account settings if they suspect their account has been compromised or if they lose the device that stored the passkey.
While it may take some time for passkey support to become widely adopted, Google accounts will continue to support existing login methods like passwords for the time being. However, Google is encouraging users to make the switch to passkeys now and plans to eventually transition entirely to passkeys in the future.
Andrew Shikiar, executive director of FIDO Alliance, praised Google’s announcement and predicted that it will accelerate the adoption of passkeys by other service providers. Passkey-supported sites and services are still relatively rare, but hopefully, more companies will follow in Google’s footsteps and embrace a passwordless future.