Google has taken a significant step in enhancing online security by making passkeys the default sign-in option for all personal Google Accounts across its various services and platforms.
After setting up a passkey linked to their device, users can access their Google accounts without the need for traditional passwords or 2-Step Verification (2SV). Google’s product managers, Christiaan Brand and Sriram Karra, note that this move comes in response to positive user feedback and aims to simplify sign-ins. As a result, users will see prompts to create and use passkeys, along with the option to “skip password when possible” in their Google Account settings.
Passkeys are device-specific and offer a more secure and convenient alternative to traditional passwords. They enable the use of biometric sensors, PINs, hardware security keys, or screen lock patterns, enhancing the user experience while significantly reducing the risk of data breaches and phishing attacks. These passkeys are securely stored and synchronized in the cloud to ensure a seamless transition to new devices and are compatible with major web browsers and platforms, including Windows, macOS, iOS, and ChromeOS.
Google’s decision to promote passkeys builds upon its previous efforts to introduce passwordless sign-ins and passkey support, in line with industry trends. Collaborations with Microsoft and Apple have endorsed passkeys as a universal standard for passwordless sign-ins, particularly through Web Authentication (WebAuthn) credentials.
This move reflects a broader industry shift away from traditional passwords, with the goal of eventually rendering passwords obsolete in favor of more secure and user-friendly authentication methods. While traditional passwords and 2SV will still function for Google Accounts, the adoption of passkeys signifies a positive shift towards improved cybersecurity practices.