Unlock a safer future: Swap your Google password for a cutting-edge passkey today 07/05/2023 – Posted in: Information Security – Tags: , , ,

Time needed to read: 4 minutes

Good news for those who detest passwords—Google is one step closer to being password-free as it has now made passkeys available to all individual account users.

Google has unveiled a feature that permits you to log into your account from any device using a PIN or biometric, such as your face or fingerprint, rendering that pesky password obsolete. If you want to take advantage of this innovation, you can keep reading to learn how to activate passkeys for your Google account.

Establishing a passkey for a Google account

Currently, passkeys are for single-user accounts, not for Google Workspace accounts. To see what the passkey offers, go to your Google Account page, and click Security in the left-hand sidebar.

When signing in to Google, select Passkeys and enter your password before you make any alterations–this might be the last time you use it. Then, look for the blue button that says “Start with passkeys.” Click on it, and Google will create and store the necessary passkeys on your device. The next time you log in, you’ll have to use one of your authentication methods: your face, fingerprint, or PIN.

When you sign in with your Android device, it will be listed on the passkey menu. Google will generate a unique passkey for each device, allowing you to access your data on those devices effortlessly.

Passkeys can be used as a security measure if you need to sign into your account on a different device. A list of devices will appear when selecting passkeys as the authentication method. You can choose your phone from the list and then follow the instructions on the device to complete the login process.

It is necessary to mention a word of caution.

Typically, Google passkeys work with no difficulty, but it is possible to run into issues as tech companies adjust to this relatively recent security approach. This system, termed WebAuthentication, involves generating a pair of related keys; one is retained by the service you are attempting to log in with (Google in this case), and the other, a private key, is kept on your device.

This type of sign-in system is highly secure due to its twofold nature, as the service provider never sees the private key, only needing to be aware of its presence. However, if the user has multiple devices with different operating systems, the local storage of the passkey may cause complications.

Those who solely use Apple products are fortunate; the California company iCloud keychain allows the synchronization of passkeys across Macs, iPhones, and iPads, as long as the same iCloud account is utilized. If a Windows PC or Android phone is incorporated, the situation becomes complicated, necessitating the usage of a secondary device to authenticate the user. In such cases, one of the backup devices previously mentioned can be helpful.

The aspiration is that integration between operating systems will eventually be total, enabling you to sign in to all your accounts regardless of the device’s make or OS. As a temporary solution, you may want to experiment with passkeys to see if they suit you. In the worst-case scenario, you can always discard the idea and entrust a password manager responsible for remembering your login credentials.