Google is now offering users the option of using passkeys instead of passwords to sign in.
Starting Wednesday, account holders can use passkeys to login to their accounts with a fingerprint, a face scan or a screen lock PIN. Passkeys are safer than passwords, and they are resistant to phishing, Google said.
“While passwords will be with us for some time to come, they are often frustrating to remember and put you at risk if they end up in the wrong hands,” the company said in a blog post.
Passkeys can only exist on specific devices. When someone signs in with a passkey, it proves to Google that the user has access to the device and is able to unlock it.
“Together, this means that passkeys protect you against phishing and any accidental mishandling that passwords are prone to, such as being reused or exposed in a data breach,” Google said.
For now, passkeys are just an option. Users who set them up can still login with passwords. In some instances, they may need to use a password because not all devices support passkeys.
Google noted that when a passkey is created on a shared device, anyone with access to the device who has the ability to unlock it will be able to login to the connected Google account.
“While that might sound a bit alarming, most people will find it easier to control access to their devices rather than maintaining good security posture with passwords and having to be on constant lookout for phishing attempts,” Google said in a blog post.
Users will be able to use someone else’s device to temporarily access their Google accounts by selecting “use a passkey from another device.” It won’t transfer passkey ownership to the new device, and will just create a one-time sign-in.
Currently, passkeys only work for personal Google accounts. Google Workspace administrators will soon have the option of enabling passkeys for users.
PayPal, Kayak and eBay are among the companies offering passkeys for login purposes.