Google has started a campaign to allow users of personal accounts to sign in using the password replacement known as “passkeys.”
Users will be able to actively look for and enable the functionality once it goes live today for the company’s billions of accounts.
The passkey system relies on a separate paradigm that leverages cryptographic keys kept on your devices for account authentication in order to specifically combat phishing assaults.
Companies like PayPal, Shopify, CVS Health, Kayak, and Hyatt have built the infrastructure required to enable passkeys thanks to the industry alliance known as the FIDO Alliance.
To transition your Google account, you’ll navigate to this link, log in with your username, password, and any additional authentication factors, and then click “+ Create a passkey” on the device you’re using.
Christiaan Brand, an identity and security product manager at Google and co-chair of the FIDO2 technical working group, believes that Google has an opportunity to change the way users think about signing in.
Passkeys can sync between devices through end-to-end encrypted services like Google Password Manager and iCloud Keychain. Or, you can set up passkeys on multiple devices by generating a QR code on a device logged in to your Google account.
All your Google account passkeys will show up on the “Passkey Management Page,” where you can review and revoke them.
If you issue a passkey to log into your Google account on a shared device, revoke it once you’re done.
Google has announced that it is introducing passkeys to log in to its accounts on a variety of devices.
The company bets that, once people adjust to using passkeys, they will like them better and find them easier to manage than passwords.
In early tests on a few thousand users, sign-in success rates with passkeys were immediately higher than for traditional username and password logins.
Google hopes to discover and iron out as many of these issues as possible. Many smaller organizations can feel more confident implementing passkeys.
Google’s announcement comes on the eve of World Password Day on Thursday. But proponents are ramping up their efforts to make the occasion obsolete.
“Eventually, it’s going to be like World Horse and Buggy Day, I think,” Shikiar says.
