Google has announced a big update to help users who typically struggle with remembering passwords. The company is now integrating Passkeys to help you log in to the Google account with a fingerprint, a face scan or a screen lock PIN. It essentially means you can access Gmail and YouTube registered with the same Google account without a password. How does it work?
Firstly, Passkeys need to be enabled manually, and the option is already available. If you’re using Gmail, click on your profile photo > manage your Google account > security > Passkeys. The feature works on both Android and iOS. You can use it on Windows PCs with a fingerprint scanner integrated into the keyboard. Otherwise, there are external Passkeys available that works like a pen drive. When you do, Google will not ask for your password or 2-Step Verification (2SV) when you sign in.
Google explains Passkeys are a more convenient and safer alternative to passwords. They work on all major platforms and browsers and allow users to sign in by unlocking their computer or mobile device with their fingerprint, face recognition or a local PIN.
From a security standpoint, Passkeys can also prevent cyberattacks to an extent, since your password cannot be easily compromised. Google explains:
“Unlike passwords, passkeys can only exist on your devices. They cannot be written down or accidentally given to a bad actor. When you use a passkey to sign in to your Google Account, it proves to Google that you have access to your device and are able to unlock it. Together, this means that passkeys protect you against phishing and any accidental mishandling that passwords are prone to, such as being reused or exposed in a data breach.”
Since passkeys are stored on the device itself, you can create multiple passkeys for several devices. It means you can create a passkey for tablets, smartphones, and PCs, though the password is technically the same, which is your biometric scan. Moreover, if you want to sign in on a new device for the first time, or temporarily use someone else’s device, you can use a Passkey stored on your phone to do so. On the new device, you’d just select the option to “use a passkey from another device” and follow the prompts. However, this option is not yet available.
In a blog post, Google notes that the key component of a Passkey is a cryptographic private key – this is what is stored on your devices. Passkeys are an industry standard developed by the FIDO Alliance and the World Wide Web Consortium. Not just Google, other big tech companies, including Apple and Microsoft, want users to move to a password-less era.