Password Security

Google Adopts Passkeys as Default Sign-In Method for Users, Pushing Toward Passwordless Future

Google announced on Tuesday that it will now enable passkeys as the default sign-in method for all users, five months after initially rolling out support for the passwordless FIDO Alliance standard on Google Accounts across platforms.

“This means that the next time you sign in to your Google Account, you’ll start seeing prompts to create and use passkeys, simplifying future sign-ins,” said Google’s Sriram Karra and Christiaan Brand. “You’ll also see the ‘skip password when possible’ option enabled in your Google Account settings.”

Passkeys are a new form of authentication that eliminates the need for passwords by using public-key cryptography to verify a user’s identity. The private key is securely stored on the user’s device, while the public key is stored on the server.

Each passkey is unique and bound to a specific user account and service. Users will have distinct passkeys for each platform, like Android, iOS, Windows, and macOS.

When a user signs in with a passkey, the service generates a random challenge and sends it to the user’s device. The user verifies their identity using biometrics or a PIN, which lets the device cryptographically sign the challenge with the private key. The signed challenge is sent back to the server, which validates it using the corresponding public key.

Passkeys provide two key benefits – eliminating password fatigue while resisting phishing and safeguarding accounts from takeover.
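The sign-in exchange described above, as an added Node.js example that is not Google's or the FIDO Alliance's code: it is a simplified model of the challenge-response, not the actual WebAuthn message format. The origin `https://accounts.example`, the user name and the `Server` class are assumptions made for illustration; the origin and single-use checks show why a response produced for another site, or a captured one, does not sign the user in.

```javascript
// Simplified passkey-style challenge-response; NOT the real WebAuthn wire format.
const crypto = require('node:crypto');

const RP_ORIGIN = 'https://accounts.example'; // hypothetical service origin

// Device: generate the key pair; only the public key is handed to the service.
function createPasskey() {
  return crypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });
}

// Device: sign the challenge together with the origin the browser is actually on.
function signChallenge(privateKey, challenge, origin) {
  const clientData = JSON.stringify({ challenge, origin });
  const signature = crypto.sign('sha256', Buffer.from(clientData), privateKey);
  return { clientData, signature };
}

// Server: holds public keys and the one outstanding challenge per user.
class Server {
  constructor() { this.publicKeys = new Map(); this.pending = new Map(); }
  register(user, publicKey) { this.publicKeys.set(user, publicKey); }
  issueChallenge(user) {
    const challenge = crypto.randomBytes(32).toString('hex');
    this.pending.set(user, challenge);
    return challenge;
  }
  verify(user, { clientData, signature }) {
    const expected = this.pending.get(user);
    this.pending.delete(user); // single use, so a captured response cannot be replayed
    const publicKey = this.publicKeys.get(user);
    if (!expected || !publicKey) return false;
    if (!crypto.verify('sha256', Buffer.from(clientData), publicKey, signature)) return false;
    const { challenge, origin } = JSON.parse(clientData); // parsed only after the signature checks out
    return challenge === expected && origin === RP_ORIGIN;
  }
}

function demo() {
  const server = new Server();
  const { publicKey, privateKey } = createPasskey();
  server.register('alice', publicKey);
  const good = signChallenge(privateKey, server.issueChallenge('alice'), RP_ORIGIN);
  const ok = server.verify('alice', good);
  const replay = server.verify('alice', good); // same response, challenge already used
  const lookalike = 'https://accounts.example.login.test'; // constructed other origin
  const wrongOrigin = server.verify('alice', signChallenge(privateKey, server.issueChallenge('alice'), lookalike));
  return { ok, replay, wrongOrigin };
}
console.log(demo());
```

The server never holds a secret that could be phished or leaked in a breach: it stores only public keys and short-lived challenges.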

The move comes after Microsoft introduced passkey support in Windows 11, while significant platforms like eBay and Uber have also enabled passkeys in recent months. This marks an industry-wide shift toward passwordless authentication for improved security.
