The passkeys are coming to personal Google accounts on all major platforms. Starting May 3, Google users can create and use passkeys and Google will not ask for your password or 2-Step Verification (2SV) when you sign in.
Use of passkeys has been pushed by Google, Apple, Microsoft, and other tech companies aligned with the FIDO Alliance.
Why are passkeys better than passwords?
Passkeys are a more convenient and safer alternative to passwords and other forms of 2-step verification. This authentication method works on any device that has registered passkeys.
They work on all major platforms and browsers, and allow users to sign in by unlocking their computer or mobile device with their fingerprint, face recognition or a PIN.
Passwords may be troublesome for people. First, choosing strong passwords and then remembering them across various accounts can be a task. Furthermore, with an increase in cybercrime, people are often misled into giving passwords that many times lead to financial losses.
When it comes to 2-step verification, the process helps but “again puts strain on the user with additional, unwanted friction and still doesn’t fully protect against phishing attacks and targeted attacks like ‘SIM swaps’ for SMS verification.” Passkeys address all these issues.
“Unlike passwords, passkeys can only exist on your devices. They cannot be written down or accidentally given to a bad actor. When you use a passkey to sign in to your Google Account, it proves to Google that you have access to your device and are able to unlock it,” Google said in a blog post.
What do users need to do?
No action is required from users as they can change this anytime by turning off Skip password when possible in Google Account security page.