Google has announced that passkeys will now be the default sign-in option for all personal Google accounts. Passkeys offer a safer and faster alternative to passwords [4], allowing users to sign into their accounts using biometrics [1], PINs [1] [4], or physical security keys [1].
Description
Passkeys utilize facial recognition [4], fingerprint scans [4] [5] [9] [10], or a PIN number [4], making phishing attacks ineffective [4]. They cannot be easily brute-forced or phished, eliminating the need for users to memorize passwords or go through a two-step verification process [7]. When users opt for passkeys [7], Google generates a pair of cryptographic keys [7]. The private key is stored on the user’s device and protected by biometrics [7], a PIN [4] [7], or a password [2] [7] [8], while the public key remains with Google [7], making it difficult for hackers to gain access to the account [7].
Passkeys were developed by the FIDO Alliance [7], which includes tech firms like Microsoft [5], Apple [5] [8], and Google [1] [3] [5] [6] [7] [8]. Major technology companies have implemented passkey managers in their operating systems [7], with Apple already supporting passkeys in iOS 16. Passkeys can be transferred between platforms [7], shared with others [7], and synced across devices [7]. They are already being used as alternatives for various apps [5], including YouTube [4] [5] [10], Search [4] [5] [9], Maps [4] [5], Uber [4] [5] [8] [10], eBay [4] [5] [8] [10], and WhatsApp [5] [10]. Major websites and apps are also showing support for passkeys, with WhatsApp planning to add support in the future [10].
Passkeys offer increased security as they cannot be phished or stolen [10]. They are 40% faster than passwords and rely on device authentication such as fingerprint or face ID. They are supported by major web browsers like Google Chrome [10], Edge [10], Opera [10], and Safari [10], and can be created on devices running Windows [10], macOS [10], Android [5] [10], iOS [5] [10], and Chrome OS [10]. However, Linux is not yet supported [10].
Google aims to make passkeys the default option for password creation and eventually make passwords obsolete [5]. Traditional passwords will still be supported [5], and users can choose to disable passkeys if desired [5]. Google has been supporting passkeys since May 2022 and has received positive feedback from users. Passkeys will be the default option for personal Google Accounts [3] [7], and users who haven’t set up passkeys will receive prompts to create and use them when signing in [2]. Additionally, Google is enabling a ‘Skip password when possible’ option in Google Account settings [3].
Conclusion
The shift towards passkeys highlights the need for alternative authentication methods and their potential to transform online identity security [6]. Passkeys offer improved security and convenience, with faster sign-in times and protection against phishing attacks. As major technology companies and websites show support for passkeys, their adoption is likely to increase. Passkeys have the potential to make passwords obsolete and provide a more secure and efficient way for users to access their accounts.
References
[1] https://techcrunch.com/2023/10/10/google-makes-passkeys-the-default-sign-in-method-for-all-users/
[2] https://www.tomsguide.com/news/google-is-adding-a-new-default-sign-in-option-for-your-account-heres-why-thats-a-big-deal
[3] https://www.infosecurity-magazine.com/news/google-passkeys-default-sign-in/
[4] https://www.cnbc.com/2023/10/10/google-passkeys-now-default-login-option-for-google-accounts.html
[5] https://www.cnn.com/2023/10/10/tech/google-passkeys-default-password/index.html
[6] https://robots.net/news/google-implements-passkeys-as-default-sign-in-method-for-all-users/
[7] https://www.howtogeek.com/google-accounts-passkey-default/
[8] https://www.wired.com/story/google-passkey-default/
[9] https://arstechnica.com/gadgets/2023/10/google-will-now-make-passkeys-the-default-for-personal-accounts/
[10] https://www.androidcentral.com/apps-software/google-account-passkey-access-by-default
