In a significant move to bolster online security and streamline user experience, Google (NASDAQ:GOOGL) has declared that passkeys will now serve as the default sign-in option for all personal Google Accounts across its services and platforms.
Passkeys are a more secure alternative to traditional password-based authentication methods. They are device-specific and are securely stored and synchronised in the cloud to prevent account lockouts in the event of device loss.
This feature simplifies the login process by presenting users with prompts to create and use passkeys, and automatically enabling the 'skip password when possible' setting within their Google Account preferences.
By adopting passkeys, users substantially reduce the risks associated with data breaches and phishing attacks, as passkeys cannot be exploited to compromise accounts.
This #CybersecurityAwarenessMonth, skip your password and try passkeys for an easier and more secure sign-in. Just use your fingerprint, face scan or screen lock. Go passwordless and create a passkey for your Google Account → https://t.co/yU63EU7Jji #SaferWithGoogle pic.twitter.com/8rdkxOPam9— Google (@Google) October 10, 2023
Secure and user friendly
Google product managers Christiaan Brand and Sriram Karra said: "We've received really positive feedback from our users, so today we're making passkeys even more accessible by offering them as the default option across personal Google Accounts."
Following the setup of a device-linked passkey, users can conveniently sign into their Google accounts without having to rely on conventional passwords or 2-Step Verification (2SV).
These new digital keys work locally on the device where they have been registered and offer a range of options for secure access.
Additionally, passkeys facilitate seamless transitions to new devices, thus enhancing ease of use. They are compatible across all major web browsers and operating systems, including Windows, macOS, iOS, and ChromeOS.
Furthermore, they enable the use of biometric verification methods, such as fingerprint scanning and facial recognition, as well as hardware security keys, PINs, and screen lock patterns.
We're getting closer to that passwordless future we set out for 10+ years ago: Starting today we're offering passkey by default across personal Google Accounts and sharing where else you can use passkeys including with @Uber @eBay and soon @WhatsApp https://t.co/0Bzc3stdrx— Google Public Policy (@googlepubpolicy) October 10, 2023
Endorsed by Microsoft (NASDAQ:MSFT) and Apple (NASDAQ:AAPL)
This move follows Google’s initial support for passwordless sign-ins, introduced in May, and the addition of passkey support to its Android operating system and Chrome web browser in October 2022.
The company's shift towards passkeys is part of a broader industry trend that has also been endorsed by tech giants Microsoft and Apple.
In May 2022, these companies expressed their joint commitment to making passkeys a universal standard for password-less sign-ins, thereby solidifying Web Authentication (WebAuthn) credentials as the established method for secure account access.
Passwords will be "obsolete"
While acknowledging that the transition to passkeys will take time, Brand and Karra underscored Google's continued efforts to encourage the industry towards adopting this more secure and convenient form of authentication.
"We’ll keep you updated on where else you can start using passkeys across other online accounts. In the meantime, we’ll continue encouraging the industry to make the pivot to passkeys — making passwords a rarity, and eventually obsolete," they added.