Table of Contents
Instead of having to enter the password for an account, you can just unlock your phone or computer (PIN, fingerprint, face unlock, etc). On the privacy front, “biometric data is never sent to Google’s servers or other websites and apps,” with a great deal of trust placed on phone/laptop security.
Passkeys have also been designed with user privacy in mind. When a user signs in with a passkey to their Workspace apps, such as a Gmail or Google Drive, the passkey can confirm that a user has access to their device and can unlock it with a fingerprint, face recognition, or other screen-lock mechanism.
Google first introduced passkey support for personal accounts as well as the Advanced Protection Program at the start of May.
It’s now coming to Google Workspace and Google Cloud accounts as an open beta today. Passkeys will be available for over 9 million organizations spanning businesses, schools, and governments, with Google noting how it’s the “first major public cloud provider to bring this technology to our customers.”
Especially for enterprises, passkeys can reduce phishing and other social engineering attacks since, compared to passwords, they “cannot be written down or accidentally given to an adversary.” According to early Google data (March – April 2023), “passkeys are 2x faster and 4x less error-prone than passwords.”
They are supported on Android, ChromeOS, iOS, macOS, and Windows, as well as Chrome, Safari, and Microsoft Edge.
Over the “next few days,” Google is “gradually enabling” passkeys for users and the corresponding console controls for Workspace administrators. Specifically, admins can allow people in their organization to “skip passwords at sign-in by using passkeys.”
This setting is off by default and has to be manually enabled by admins, though users “can still create and use passkeys as a 2-Step Verification (2SV) method” to be an alternative to the yes/no Google Prompt.
To start using passkeys instead of passwords, or as a 2SV method, in Google Workspace and Google Cloud, users can visit g.co/passkeys.
Create and manage your Google Passkeys, here’s how
Rather than pushing traditional passwords for account security, Google has been spearheading a new method that utilizes passkey. Passkeys are meant to be much more secure than conventional methods. So how do you set them up? This guide will help you create Google passkeys for compatible devices and manage existing ones.
What are Passkeys?
Differentiating passkey from conventional passwords can be a little confusing. As the technology progressed over the last year or so, it remained shrouded in a little bit of mystery. We, as users, didn’t really know what they would look like once they reach the public.
Now, we know that passkeys are just an extension of your device’s ability to utilize biometric logins instead of numerical passwords. For example, when logging into your Google Account, you can use a fingerprint reading or face unlock, if your phone is capable.
According to Google, creating passkeys means your account is more phishing-resistant and more secure than with a string of numbers, letters, and symbols. The user-facing upside is that you’ll never need to remember a login so long as passkeys are enabled. The only exception is if you choose to use a PIN or pattern rather than a fingerprint or face unlock.
Set up a Passkey for your device
For a majority of users, Google has opted to automatically create passkeys for some mobile devices with a Google account tied to them. Whichever method you use to sign into your device will be the method used for your Google Account.
Though some devices may be setup already, you can go and in see which devices have a passkey enabled. If you don’t see one for a device you want to enable it for, you can do so as long as it’s compatible. Here are the requirements:
- Laptop or desktop that runs at least Windows 10, macOS Ventura, or ChromeOS 109.
- Mobile device running at least Android 9 or iOS 16.
So long as the device meets these requirements, you’re good to create a Google Account passkey.
- Head to myaccount.google.com/signinoptions/passkeys.
- If the current device doesn’t use a passkey already, you’ll see Use passkey. Click or tap it.
- To set up a passkey for a different device, scroll to the bottom and hit Create a passkey.
- Note: It looks like this option is currently locked to Windows or macOS, with the option not showing up on mobile.
- Hit Use another device.
- Choose the device and follow the steps to verify it.
On a PC with a capable webcam or fingerprint reader, you might need to verify your Google Account on a separate device before you’re allowed to register that computer. It’s an extra step, though easy.
If you’re looking to retract access from any of your listed devices, you can always hit manage devices and sign out remotely. This will keep your account secured if you don’t necessarily need that device to have continued access.
Once you’re finished, you should be able to log in to your Google Account with a created passkey rather than your standard password. As Google continues to expand this feature and other companies follow, using passkeys will likely become the norm across most apps.