Passkeys: The beginning of the end of the password
For some time we and others in the industry have been working on a simpler and safer alternative to passwords. While passwords will be with us for some time to come, they are often frustrating to remember and put you at risk if they end up in the wrong hands.
Last year — alongside FIDO Alliance, Apple and Microsoft — we announced we would begin work to support passkeys on our platform as an easier and more secure alternative to passwords. And today, ahead of World Password Day, we’ve begun rolling out support for passkeys across Google Accounts on all major platforms. They’ll be an additional option that people can use to sign in, alongside passwords, 2-Step Verification (2SV), etc.
So maybe by next year’s World Password Day, you won’t even need to use your password, much less remember it!
What are Passkeys?
Passkeys are a new way to sign in to apps and websites. They’re both easier to use and more secure than passwords, so users no longer need to rely on the names of pets, birthdays or the infamous “password123.” Instead, passkeys let users sign in to apps and sites the same way they unlock their devices: with a fingerprint, a face scan or a screen lock PIN. And, unlike passwords, passkeys are resistant to online attacks like phishing, making them more secure than things like SMS one-time codes.
Over the past year we’ve shared updates on bringing passkey experiences to both Chrome and Android, which services like Docusign, Kayak, PayPal, Shopify and Yahoo! Japan have already deployed to streamline sign-in for their users. Starting today, this will be available as an option for Google Account users who want to try a passwordless sign-in experience.
Passkeys for Google Accounts
Today, passkeys for Google Accounts are available. You can try them out at g.co/passkeys and setting it up is easy.
For Google Workspace accounts, administrators will soon have the option to enable passkeys for their end-users during sign-in.
Of course, like any new beginning, the change to passkeys will take time. That’s why passwords and 2SV will still work for Google Accounts.
We look forward to helping people, and others in the industry, take this next leap to make signing in easier and safer with Google.
Source: Official Google Safety & Security Blog