Google is making it easier for users to ditch passwords on their Google accounts in favor of passkeys — a fast, secure, and passwordless approach to logins that utilizes the pin, face, or fingerprint authentication built into your devices. Starting today, Google account users will be prompted to create a passkey for their account by default, sparing them from manually hunting through account settings for the setup process.
While the industry-wide goal is to eventually make passkeys the new login standard, Google says that passwords will “still remain part of our lives as we make the pivot.” As such, users can still choose to sign in to their Google account with traditional passwords and can opt out of using passkeys entirely by disabling the “skip password when possible” option for their account.
Built on WebAuthn (or Web Authentication) tech, two different keys are generated when you create a passkey: one stored by the website or service where your account is and a private key stored on the device you use to verify your identity.
Of course, if passkeys are stored on your device, what happens if it gets broken or lost? Since passkeys work across multiple devices, you may have a backup available. Many services that support passkeys will also reauthenticate to your phone number or email address or to a hardware security key if you have one.
Apple’s and Google’s password vaults already support passkeys, and so do password managers like 1Password and Dashlane. 1Password has also created an online directory listing services that allow users to sign in using a passkey.
Google has introduced passkey support to a range of its products over the last year, including Workspace and Cloud accounts and its Chrome web browser. Many leading websites and apps also support passkeys. You can find more information about where they can currently be used via this directory created by the 1Password password management service.
https://www.theverge.com/2023/10/10...ey-setup-prompt-default-passwordless-security
While the industry-wide goal is to eventually make passkeys the new login standard, Google says that passwords will “still remain part of our lives as we make the pivot.” As such, users can still choose to sign in to their Google account with traditional passwords and can opt out of using passkeys entirely by disabling the “skip password when possible” option for their account.
What are passkeys?
Passkeys can replace traditional passwords with your device’s own authentication methods. That way, you can sign in to Gmail, PayPal, or iCloud just by activating Face ID on your iPhone, your Android phone’s fingerprint sensor, or with Windows Hello on a PC.Built on WebAuthn (or Web Authentication) tech, two different keys are generated when you create a passkey: one stored by the website or service where your account is and a private key stored on the device you use to verify your identity.
Of course, if passkeys are stored on your device, what happens if it gets broken or lost? Since passkeys work across multiple devices, you may have a backup available. Many services that support passkeys will also reauthenticate to your phone number or email address or to a hardware security key if you have one.
Apple’s and Google’s password vaults already support passkeys, and so do password managers like 1Password and Dashlane. 1Password has also created an online directory listing services that allow users to sign in using a passkey.
Google has introduced passkey support to a range of its products over the last year, including Workspace and Cloud accounts and its Chrome web browser. Many leading websites and apps also support passkeys. You can find more information about where they can currently be used via this directory created by the 1Password password management service.
https://www.theverge.com/2023/10/10...ey-setup-prompt-default-passwordless-security
