Google is announcing a major effort to let personal account holders log in with a password replacement known as “passkeys”.
The feature has launched for the company’s billions of accounts; users can proactively seek is out and turn it on. Google will continue to promote passkeys in the coming months by nudging account holders to convert their traditional username and password login to a passkey. While password-based authentication has been standard across the internet and computing for decades, the system has security issues, like attackers stealing passwords and gaining access. Passkeys are specifically designed to address phishing attacks and rely on a model using cryptographic keys stored on your devices for account authentication. You can login using biometric sensors like fingerprints or face scanners, your smartphone’s device lock PIN, or physical authentication dongles.
Google, Microsoft, and Apple have all launched the necessary infrastructure to support passkeys. The next step toward passkey adoption among users is for services to actually offer passkeys as a login option. While some companies have already done so, having a company like Google enable this with so many people, it will likely accelerate other companies’ deployment plans, help them deploy better, and change the way users think about signing in by becoming more accustomed to the technology.
Passkeys can sync between devices through end-to-end encrypted services or by generating a QR code on a logged in device to use on another device you want to log in to. Google account passkeys will all be listed on the “PassKey Management Page” where they can be reviewed and revoked. To learn more about the new feature, and how to transition your Google account, visit here.