Sundar Pichai, CEO of Google, speaks during the company’s 2017 Cloud Next event in San Francisco.
Bloomberg | Getty Images
Passkeys allow you to sign into apps and websites by using whatever security your device uses — such as facial recognition, a PIN number, or a thumbprint on your phone — instead of entering a unique password into a web form for each site.
Google said in a blog post that passkeys are more secure than passwords because people can’t obtain them through phishing attacks, whereas you might accidentally give someone your password. In addition, your login wouldn’t be exposed if an app or service you use is hacked.
The company says passwords and two-factor authentication options are still available to users who aren’t ready to move to passkeys.
“When you add a passkey to your Google Account, we will start asking for it when you sign in or perform sensitive actions on your account. The passkey itself is stored on your local computer or mobile device, which will ask for your screen lock biometrics or PIN to confirm it’s really you,” Google explained in a blog post. “Together, this means that passkeys protect you against phishing and any accidental mishandling that passwords are prone to, such as being reused or exposed in a data breach,” it added.
Each device can store a passkey, so you don’t need to rely on your phone to log in to accounts when you’re using a computer. If you lose a device, you can remove the passkey from your Google account settings.
You can get started by visiting g.co/passkeys.