Image credits: Google
Google today announced that passkeys are now being rolled out to Google Account users globally.
This news comes nearly a year to the day after Google, Apple, Microsoft, and the FIDO Alliance announced a partnership to make passwordless logins a reality across devices, operating systems, and browsers.
While multi-factor authentication mechanisms and password managers offer reasonable security improvements over traditional username/password workflows, they are not without their drawbacks. An authentication code sent via SMS, for example, can be intercepted, while having to use additional third-party password manager software is too much trouble for some.
With passkeys, users’ authentication is essentially synced across all their devices via the cloud using cryptographic key pairs, allowing them to log into websites and apps using the same biometrics or screen lock PIN they use to unlock their devices. This makes it more difficult for bad actors to access user accounts remotely, since physical access to a user’s machine is required.
long time come
It’s worth noting that Google, as with Apple and Microsoft, already supported FIDO’s passwordless sign-in standard, but they were required to sign into every website or app with every device before they could use it. As a result of the alliance, the trio set out to implement the standard across their platforms including browsers (such as Edge, Safari, and Chrome) and operating systems (Android, MacOS, and Windows). Effectively, this means that anyone who wants to access their Google account on a Windows laptop can use a passkey from their iPhone.
Over the past year, the tech trio has been slowly rolling out support for passkeys, with Apple introducing support for iOS back in September to enable iPhones to act as logins for any supporting website or app. PayPal introduced support for passkeys on iOS in October, with others like Shopify, Kayak, and Docusign following suit.
Starting today, Google Account users will also be able to use passkeys.
Users can activate passkeys by logging into their Google accounts, though this is completely optional — existing passwords and multi-factor authentication tools are still very functional.
It appears that passkeys are currently only compatible with personal accounts, as Google has indicated that Workspace admins will have the option to enable this for their users “soon.”