Google’s next move towards a passwordless world is here. The announcement has been made , that passkeys – a new cryptographic key solution that requires preauthenticated devices – will be coming to Google Accounts on all major platforms. Google users can now switch to passkeys, and completely ditch their passwords.
Passkeys is a safer and more convenient alternative to traditional passwords. It’s a technology that has been pushed by Google Apple Microsoft, as well as other tech companies affiliated with FIDO alliance. Passkeys can replace passwords, 2FA and SMS verification systems with local PINs or the device’s biometric authentication – such as fingerprints or Face ID. The biometric data will not be shared with Google or any third parties. Passkeys are only available on your device, providing greater security since there is no password to be stolen.
Google Accounts will ask for your passkey when they detect sensitive activity to verify your identity or sign in.
It is possible to use another device temporarily to gain temporary access to your Google Account. The “use a key from another device” option will create a single sign-in, and the passkey won’t be transferred to the new hardware. Google warns that you shouldn’t create passkeys for shared devices because anyone who can unlock and access that device will be able access your Google account. Google Passkey Support means you don’t have to worry about remembering long passwords, or jumping through different authentication services in order to sign in.
The Google account settings allow users to immediately revoke their passkeys if there is any suspicion that another person may be able to access their account, or if the device on which the passkey was stored has been lost. Google states users who are enrolled in its advanced protection program can use passkeys instead of their physical security keys.
In a press release, Andrew Shikiar said, “We are thrilled with Google’s announcement today, as it dramatically changes the needle for passkey adoption, due to both Google’s size and the breadth that the implementation is implemented — which enables anyone who has a Google account to use passkeys.” I also believe that this implementation is a great model for other service providers, and will be a tipping-point for the adoption of passkeys.
Google will continue to support passwords and other existing login methods for some time. It gives people who don’t have access to devices that support biometric authentication the time they need to switch to this new technology. Google appears to be planning a complete transition to passkeys. It encourages users to switch to the new method now, and writes in its blog about how it will examine other sign-in options “as passkeys become more familiar and widespread.”
Google has already implemented smaller passkey implementations. Google’s Chrome web browser added support for passkey in December of last year. However, passkey-compatible sites and services remain relatively rare. It’s not possible to completely eliminate passwords just yet. 1Password’s page lists which services and sites are compatible with passkeys. Hopefully, the authentication technology will be adopted more quickly now that companies such as Google are embracing a future without passwords.