Google announced today that passkeys are now rolling out to Google Account users globally.
The news comes nearly a year to the day after Google, Apple, Microsoft and the FIDO Alliance announced a partnership to make frictionless passwordless logins a reality across devices, operating systems and browsers.
While multifactor authentication mechanisms and password managers offer reasonable security improvements on traditional username/password workflows, they are not without their flaws. An authentication code sent via SMS can be intercepted, for example, while having to use additional third-party password management software is one hassle too many for some.
Long time coming
It’s worth noting that Google, as with Apple and Microsoft, already supported FIDO’s passwordless sign-in standard, but they were required to sign into each website or app with each device before they could use it. As a result of the alliance, however, the trio have set about implementing the standard across their respective systems, including browsers (e.g. Edge, Safari and Chrome) and operating systems (Android, MacOS and Windows). Effectively, this means someone wanting to access their Google Account on a Windows laptop can use a passkey from their iPhone.
Over the past year, the tech triumvirate have been slowly rolling out support for passkeys, with Apple introducing support to iOS back in September to enable iPhones to serve as log-in tools for any supporting website or app. PayPal introduced support for passkeys on iOS in October, with other companies such as Shopify, Kayak and DocuSign following suit.
From today, Google Account users will also be able to use passkeys.
Users can activate passkeys by logging into their Google Accounts, though this is entirely optional — passwords and other existing multifactor authentication tools are still very much operational.