Google has announced that it has begun rolling out passkey support for all Google accounts in an effort to further secure them from password reuse, phishing and being stolen by hackers.
After setting up passkeys with your Google account, you’ll no longer need to enter your password or use 2-step verification when logging into Gmail, Google Drive, Google Docs and the search giant’s other products according to BleepingComputer.
In a blog post announcing the roll out, Google Product managers Christiaan Brand and Sriram Karra explained that the change “means users can now take advantage of passkeys across Google Services for a passwordless sign-in experience”.
Unlike passwords which you need to remember or store in one of the best password managers, passkeys are linked to your computer, tablet, smartphone or other devices once they’ve been added to your Google account. They allow you to access your account by unlocking your device using a PIN or biometrics like your fingerprint or facial recognition.
What makes passkeys better than passwords
The best thing about passkeys is that each one is a unique digital key that can’t be reused which can make a huge difference when it comes to fighting phishing attacks. Likewise, since they’re stored in an encrypted format on your devices instead of on a company’s servers, they also can’t be leaked online following a data breach.
By using biometric authentication, PINs or patterns for signing in, you also won’t need to create strong, complex passwords or have to remember them. Passkeys rely on a public key and a private key to work. While the public key is stored on a company’s servers, the private key remains on your devices and can’t be easily stolen.
When you login using a passkey instead of a password, the only information shared with Google is the public key along with the signature used to verify your private key. Fortunately, neither contains any of your biometric information.
If you do happen to lose the device that has your passkeys on it, don’t worry as passkeys are backed up and synced to the cloud. In order to recover them, you just need to provide the lock screen PIN, password or pattern from your old smartphone.
How to set up passkeys for your Google account
At the moment, Google is offering passkey support as another sign-in option when logging into your Google account. However, as the transition to only using passkeys will take time, passwords and two-step verification will still work for Google Accounts.
Passkeys are now generally available and if you want to try them out for yourself, you can do so here. However, you won’t have the option to use them with your work account just yet as they still aren’t supported with Google Workspace accounts. When passkeys do become available for Google Workspace, an administrator at your company will need to enable them before you can use them.
Now that Google, Microsoft, Apple and many other tech giants have fully embraced passkeys and have begun rolling out support for them, we could see passwords disappear almost entirely over the next few years.
Whatever you use to safeguard your info and access to it, it's still a password. You can call it anything you want like pass keys but it's still a password which requires record keeping. Only biometrics can kill passwords. Capice?