Google has announced that passkeys, touted by the tech giant as the “beginning of the end” for passwords, are becoming the default sign-in method for all users.
Passkeys are a phishing-resistant alternative to passwords that allow users to sign into accounts using the same biometrics or PINs they use to unlock their devices, or with a physical security key. This removes the need for users to rely on the traditional username-password combination, which has long been susceptible to phishing, credential stuffing attacks, keylogger malware or simply being forgotten.
While security technologies multi-factor authentication and password managers add an extra layer of security to password-protected accounts, they are not without flaws. Authentication codes sent via text messages can be intercepted by attackers, for example, and password managers can (and have been) hacked.
Google has been an early backer of passkeys. The technology giant first pledged its support for the password alternative in May 2022, and announced support passkeys in Android and Chrome. In May, Google announced that support for the passwordless technology was rolling out to Google account owners globally.
On Tuesday, the company took a step closer toward killing off the password with the announcement that it’s making passkeys the default authentication method for all Google Account holders.
“This means, next time you sign in to your Google Account, you’ll start seeing prompts to create and use passkeys, simplifying your future sign-ins,” said Google product managers Christiaan Brand and Sriram Karra. “Our goal is the same as it has always been, giving you technology that is secure by default, so that you have the strongest security but without the burden.”
