Google announced this morning that it has added support for passkeys to consumer Google accounts and will do so for Workspace accounts soon. Passkeys is a standardized new way to sign in to apps and websites that is easier to use and more secure than passwords.
“For some time we and others in the industry have been working on a simpler and safer alternative to passwords,” Google’s Christiaan Brand explains. “While passwords will be with us for some time to come, they are often frustrating to remember and put you at risk if they end up in the wrong hands.”
Google is implementing passkeys as a Google account sign in option alongside passwords and 2-step verification (2FA). With passkeys, you can sign in using whatever method—fingerprint reader, facial recognition, or PIN—you use to sign in to your device. (Right, exactly like Windows Hello.) You can also use a hardware security key like a Yubikey.
Unlike passwords, passkeys are resistant to online attacks like phishing, so they are more secure than alternate methods like one-time codes delivered over SMS. But for anyone—like me—who has been frustrated by having to type in a Google account password at all, something you don’t have to do with a Microsoft account, this is a major leap forward.
To enable passkeys with your Google account, just visit the Google account website and enroll.
Once you create a passkey, you will be prompted to create a passkey on any supported device that you use to sign in to your Google account. For example, when you sign in on a Windows PC with a passkey for the first time, a QR code will appear so you can scan it with your smartphone. You only need to do that once, and you will be asked to create a passkey on the PC so you can sign in more seamlessly in the future.