Google Ditches Passwords In Favour Of Passkeys

Alphabet’s Google moved one step closer this week to its stated intention to bring about ‘the end’ for the humble password.

Google’s senior product manager Sriram Karra in a blog post on Tuesday announced the firm’s intention to make passwords obsolete by prompting users to create default ‘passkeys’ in order to unlock accounts and devices with a fingerprint, face scan or pin number.

It comes after Google in May this year had announced that passkeys – a cryptographic keys solution that requires a preauthenticated device – was being rolled out to Google accounts on all major platforms.

Google passkeys

Google has been developing enhanced authentication for a while now.

In January 2020 for example, Google updated its Smart Lock app for iOS devices, which meant that modern iPhones could be used as a physical security key for Google apps such as Gmail, Drive etc.

A passkey is a digital credential, tied to a user account and a website or application. Passkeys allow users to authenticate without having to enter a username, password, or provide any additional authentication factor.

The passkey is designed to replace passwords entirely by allowing authentication with fingerprint ID, facial ID or pin on the phone or device you use for authentication.

Now this week Google’s Sriram Karra said in the blog post that Google had “received really positive feedback from our users, so today we’re making passkeys even more accessible by offering them as the default option across personal Google Accounts.”

“This means the next time you sign in to your account, you’ll start seeing prompts to create and use passkeys, simplifying your future sign-ins,” wrote Karra. “It also means you’ll see the ‘Skip password when possible’ option toggled on in your Google Account settings.”

Google’s Karra wrote that in order to use passkeys, users just utilise a fingerprint, face scan or pin to unlock their device, and they are 40 percent faster than passwords – and rely on a type of cryptography that makes them more secure.

“But while they’re a big step forward, we know that new technologies take time to catch on – so passwords may be around for a little while,” noted Karra. “That’s why people will still be given the option to use a password to sign in and may opt-out of passkeys by turning off ‘Skip password when possible.’”

Phishing resistant

Karra said that one of the most immediate benefits of passkeys Google has found, is that they spare people the headache of remembering all those numbers and special characters in passwords. They’re also phishing resistant.

“Since launching earlier this year, people have used passkeys on their favourite apps like YouTube, Search and Maps, and we’re encouraged by the results,” wrote Karra. “We’re even more excited to see the growing adoption of passkeys across industry.”

“We’ll keep you updated on where else you can start using passkeys across other online accounts,” Karra concluded. “In the meantime, we’ll continue encouraging the industry to make the pivot to passkeys – making passwords a rarity, and eventually obsolete.”