Google Passkeys: A More Secure Way to Log In

Read Time:3 Minute, 2 Second

For as long as passwords have existed, there has been a constant struggle between choosing a password that is too simple and easy to remember or one that is too complicated and requires a password manager to recall. Two-factor authorization (2FA) became a popular way to enhance account security. But now, Google is offering another option: passkeys. Passkeys are a secure credential tied to the PIN or biometric authentication that your device already uses. This new feature only exists on your device, not in the cloud, which makes it even safer.

To try out this new feature, you will need to meet a few hardware and software requirements. You can create a passkey on any compatible hardware, including laptops/desktops with Windows 10 or macOS Ventura (or later) running Chrome 109, Safari 16, or Edge 109 or later. If you want to set up a passkey on a mobile phone or tablet, it must run iOS 16 or Android 9 (or later). You can also use it with any hardware security key that supports the FIDO2 protocol. Also, make sure that you have a screen lock enabled and that Bluetooth is turned on if you want to use your phone to sign into another device, such as a laptop. If you have a Google Workspace account through a school or employer, you won’t be able to set up a passkey for that account, but you can still use it for any personal Google account.

Setting up a passkey is easy. First, go to g.co/passkeys. If you have an Android phone that is already signed into that account, you might have already been automatically registered for a passkey. If so, your device will be listed under “Automatically created passkeys,” and you can click the blue “Use passkeys” button. Then, you’ll receive a pop-up saying that you can now use a passkey. Click “Done.” If your device isn’t listed (likely if you’re using an iPhone), select the “Create a passkey” button at the bottom of the page. At this point, it’s easier to use the device you want to use as a passkey. In other words, if you want to use your iPhone, use your iPhone instead of your computer to follow these directions. You’ll get a pop-up that allows you to use either the device you’re currently using as the passkey (in which case, select “Continue”) or be prompted to select “Use another device.” If you select the latter, you’ll be given a QR code to scan with your phone’s camera. If you’re using an iPhone, you may also be asked to turn on iCloud Keychain.

If you lose or sell a device that has a passkey, you can remove that device from your list of passkeys if the passkey was one that you created. Go to your Google account, select “Security” in the left-hand column, and scroll down to “How you sign in to Google.” Then select “Passkeys.” Under “Passkeys you created,” click the “X” next to the passkey you want to delete. If the passkey was automatically created by Google, you can’t delete it. Instead, you have to sign that device out of the account. As in the previous example, go to “Security” in the left-hand column, but this time, scroll down and select “Manage all devices.” Select the phone you want to sign out of and then choose “Sign out.”

If you want, you can always go back to using passwords and 2FA. To do so, go to your Google account and select “Security.” Scroll down to “Skip password when possible” and toggle it off.

Source: theverge