Google has announced that passkeys, touted by the tech giant as the “beginning of the end” for passwords, are becoming the default sign-in method for all users.
Passkeys are a phishing-resistant alternative to passwords that allow users to sign into accounts using the same biometrics or PINs they use to unlock their devices, or with a physical security key. This removes the need for users to rely on the traditional username-password combination, which has long been susceptible to phishing, credential stuffing attacks, keylogger malware or simply being forgotten.
While security technologies multi-factor authentication and password managers add an extra layer of security to password-protected accounts, they are not without flaws. Authentication codes sent via text messages can be intercepted by attackers, for example, and password managers can (and have been) hacked.
Passkeys, on the other hand, are made of two parts: one part is left on the app or website’s server, and the other is stored on your device, which allows you to prove that you are the legitimate owner of the account. This also makes it near-impossible for hackers to remotely access your account, given that physical access to a user’s device is needed, even in the event of a server breach.
Google has been an early backer of passkeys. The technology giant first pledged its support for the password alternative in May 2022, and announced support passkeys in Android and Chrome. In May, Google announced that support for the passwordless technology was rolling out to Google account owners globally.
On Tuesday, the company took a step closer toward killing off the password with the announcement that it’s making passkeys the default authentication method for all Google Account holders.
“This means, next time you sign in to your Google Account, you’ll start seeing prompts to create and use passkeys, simplifying your future sign-ins,” said Google product managers Christiaan Brand and Sriram Karra. “Our goal is the same as it has always been, giving you technology that is secure by default, so that you have the strongest security but without the burden.”
Google says that since the launch of passkeys for Google accounts, 64% of users have said they find passkeys easier to use compared to traditional methods like passwords and two-step verification.
Google says that it encourages all users to start using passkeys as their primary sign-in option. TechCrunch recommends this too, as while setting up passkeys might seem like a chore, it’s an investment that can save you from a potential security disaster down the road. It could save you valuable time, too, as Google claims that logging in via passkeys is 40% faster than using a password.
Read more on TechCrunch:
- Windows 11 gains support for managing passkeys
- Apple will automatically assign an Apple ID passkey for users
- GitHub launches passkey support into general availability
- Safari will soon make it easier to share phishing-resistant passkeys
- PayPal rolls out support for passkeys on Apple devices
- iOS 17 includes these new security and privacy features