Users will soon be able to log in to their Google accounts without ever having to remember a single password again, according to the firm.
Instead, Google is betting big on passkeys, which are cryptographic keys kept on your device with zero information - you don't even know what they are. They enable you to access specific accounts without using a password; all you have to do is authenticate using your device's PIN or saved biometric data, such as your fingerprint or face.
Only a few large services, including BestBuy, PayPal, and eBay, already enable their clients to login to their accounts using passkeys, and Google is about to join them. Passkeys are part of the FIDO alliance, which establishes technological and social standards for them. All of the main tech companies are members of the alliance, including Apple, Amazon, Google, and Meta.
They are said to be safer because they are resistant to phishing and more convenient because the user does not have to remember anything. Traditional 2FA methods are likewise obsolete. The biometric information you use to authenticate is also not shared with Google or any other third party.
Once you've added a passkey, you'll be prompted to use it to access your Google account, as well as to confirm your identity if any unusual activity is discovered. They are compatible with iOS 16 and Android 9 devices and can be shared with other devices such as by using Apple's iCloud, or a compatible password manager such as 1password or Dashlane.
There is also the option to utilize a passkey from a device other than your own, allowing you to log in using a one-time passkey that will not transfer to your own device. Google advises against creating passkeys on shared devices since any other user can access your Google account.
Passkeys can also be canceled if users think that someone else is using them to access their accounts or if they misplace the device on which they are kept. Passkeys can also be used instead of physical security keys for members of Google's Advanced Protection Program.
Google account holders can continue to use their passwords if they like, and it will likely be some time before Google switches entirely to passkeys, as mainstream adoption is still a long way off.
“We’re thrilled with Google’s announcement today as it dramatically moves the needle on passkey adoption due both to Google’s size, and to the breadth of the actual implementation — which essentially enables any Google account holder to use passkeys,” said Andrew Shikiar, executive director of FIDO Alliance.
He added, “I also think that this implementation will serve as a great example for other service providers and stands to be a tipping point for the accelerated adoption of passkeys.”