Google has announced that passkeys are now the default sign-in option across all personal Google Accounts across its services and platforms. Passkeys are a simple and secure alternative to passwords that allow users to sign in with their fingerprint, face scan, or device screen lock, like a PIN.
Passkeys provide the strongest protection against threats like phishing and are stored on the local device, not shared with Google or any third-party partners.
What Are Passkeys and How Do They Work?
Passkeys are a new technology that Google helped develop as a member of the FIDO Alliance, an open industry association committed to helping reduce reliance on passwords, simplifying sign-ins, and making the Internet safer.
Passkeys use the FIDO2 protocol, which is supported by most modern browsers and operating systems. To create a passkey, users need to have a supported device and browser, such as Chrome 109 or up, Safari 16 or up, Edge 109 or up, Windows 10, macOS Ventura, ChromeOS 109, iOS 16 or Android 9.
Users also need to enable screen lock and Bluetooth on their devices. Users can create passkeys on multiple devices, including laptops, desktops, mobile phones, and hardware security keys.
To use a passkey to sign in, users simply need to tap on the “Use passkey” option on the sign-in screen and verify their identity with their fingerprint, face scan, or screen lock. Users can also use their password and a second factor, if they have one set up, to sign in.
The FIDO Alliance shared a post on Twitter:
— The FIDO Alliance (@FIDOAlliance) October 10, 2023
What Are the Benefits of Using Passkeys?
Passkeys offer several benefits over passwords for both users and developers. Some of the benefits are:
- Passkeys are easier and faster to use than passwords. Users do not need to remember or type passwords, which can be complex and hard to manage. Passkeys are four times simpler to use than passwords.
- Passkeys are more secure than passwords. Passwords can be guessed, reused, stolen, or compromised by phishing attacks. Passkeys are unique to each device and user and cannot be reused or copied. Passkeys provide the strongest protection against phishing attacks.
- Passkeys are more private than passwords. Passwords are frequently kept on servers or exchanged with third parties, which puts user data in danger. Passwords are kept locally on the device and are never given to Google or any other third party. Users authenticate their identities using their own biometric or screen lock information.
For additional recent articles, please follow the link provided below:
- Android 14 is Now Rolling Out to Google Pixel Devices
- Google Announces Assistant With Bard Powered by AI: How Does It Work?
How Can Developers and Partners Adopt Passkeys?
Passkeys are not only available for personal Google Accounts but also for Google Workspace customers and third-party apps and websites. Developers and partners can adopt passkeys by using the WebAuthn API, which is a web standard for authentication that supports the FIDO2 protocol.
By using passkeys, developers and partners can provide a simpler and safer sign-in experience for their users across Chrome and Android platforms.
Google has also partnered with brands from various industries, such as e-commerce, financial tech, and travel, to enable passkeys for their users. Some of the partners include Airbnb, Amazon, Bank of America, eBay, Netflix, PayPal, Spotify, Uber, and more.
What is the Future of Passkeys?
Google’s vision is to progress towards a passwordless future with passkeys as the default sign-in option for all users. Google believes that passkeys will make the Internet more secure and convenient for everyone.
However, Google also recognizes that some users may still prefer to use passwords or other methods of authentication. Therefore, Google will continue to support passwords and other options for users who want them.