Google is making passkeys the default sign-in option across its services for all users, the tech giant announced in October 2023.
Users will be prompted to create a passkey that can be used to log into various Google services without passwords or two-step verification.
Google’s adoption of passcodes as the default authentication method follows positive user feedback since its introduction on Android and Chrome in May 2022, close to World Password Day. At least 64% of users said passkeys were easier to use than passwords or two-factor authentication.
“We’ve received really positive feedback from our users, so today we’re making passkeys even more accessible by offering them as the default option across personal Google Accounts,” Google wrote in a blog post.
Additionally, Google found that logging in using passkeys was 40% faster than other authentication methods, thus saving users’ time and energy.
Other advantages of using passkeys include eliminating the need to remember multiple passwords and enhanced security by reducing the risk of stolen login credentials, password spraying attacks, and phishing. Additionally, passkeys rely on the public key cryptographic algorithm, making them safer than passwords.
Google makes passkeys the default sign-in option
In May 2023, Google allowed users to select passkeys as the default sign-in option to access services across web and mobile apps.
To begin the passwordless journey, Google will prompt setting up passkeys and selecting them as the default sign-in option.
Thus, the next time you sign in to your Google account, you will receive prompts to create and use passkeys for future sign-ins and a ‘skip password when possible option.’
When turned on, users can authenticate without a password or opt out of passkeys altogether when disabled. Google noted that “new technologies take time to catch on,” thus allowing users to opt out. It remains unclear whether Google will enforce passkeys as the default sign-in option in the future.
Meanwhile, Google promised the passkeys would work with fingerprint, face scan, screen lock, and physical security key devices. Google will also synchronize passkeys to avoid locking out users after losing their devices and allow them to enrol new devices seamlessly. Additionally, the passcodes will work across most platforms, including Microsoft Windows, Apple’s iOS and macOS, and Google’s own Android and ChromeOS.
Google encourages others to ditch passwords
Google encourages other industry players to ditch passwords and embrace passcodes, making traditional passwords a rarity and eventually obsolete.
However, supporting passkeys as the default sign-in option across third-party services might take a while, although others, such as password managers, already use them to authenticate users. Subsequently, Google is not making grand promises or giving timelines.
“We’ll keep you updated on where else you can start using passkeys across other online accounts,” the company said.
Nevertheless, Microsoft and Apple plan to support passkeys as an alternative sign-in option, bringing a passwordless future close to reality. Uber and eBay have enabled the passwordless sign-in option while WhatsApp compatibility is underway.
According to Microsoft, the “multi-device FIDO credentials” would be a monumental step towards a passwordless future.
“Despite their potential, the adoption of passkeys has been slow,” said Darren Guccione, CEO and Co-Founder at Keeper Security. “Out of more than a billion websites that exist, only around 55 currently support passkeys.”
“This limited support can be attributed to several factors, including underlying platform support, website changes and the fact that it’s not a default setting, so the user must take action to configure or set it up. Consistent support from major platforms and browsers is key in promoting widespread adoption of the technology,” added Guccione.
Describing the transition as “cautiously promising,” Guccione warned that “passkeys might not entirely replace passwords” but will coexist like digital payments and cash.