A world without passwords might sound dangerous, but not if you’re Google. The search engine company announced on Tuesday — the day before World Password Day — that it’s begun rolling out a new security tool that allows you to sign in to your Google accounts using a passkey instead — no password required. Apple and Microsoft have also said they will embrace passwordless logins.
Passkeys are a new type of login credential that removes the need for passwords. The authentication requires either biometric authentication — such as a fingerprint or facial recognition — or a PIN or swipe pattern used with Android for access.
According to passkey proponents, passkeys are resistant to phishing attacks (you can accidentally use a passkey on a malicious website, so it’s safer) and they are more convenient than managing passwords. They replace two-factor authentication (2FA), which can be burdensome when you have to wait to receive a text message and then type in a code just to access your account.
With all that being said, if you’re interested in a more seamless and secure way to sign in to your Google accounts, we’ll show you what to do to enable passkeys for Google. Here’s what you need to know.
Looking for a new phone? Check out the best iPhone and Android options for 2023.
If you want to use a hardware security key to enter your passkey and sign in to your Google accounts, Google has its own Titan Security Key. The key works with your computer, but can also connect to most iPhone and Android devices, as long as they support USB or NFC.
What are Google passkey requirements?
Before you set up your Google passkeys, you must meet the following requirements, which vary depending on what device you’re using.
- For mobile devices, you must be running at least iOS 16 or Android 9.
- For your computer, you must be running at least MacOS Ventura or Windows 10. Also, your web browser must be at least Chrome 109, Safari 16 or Edge 109.
How to set up passkeys with Google
In the web browser of your choice — on your phone, tablet or computer — head over to g.co/passkeys. If you’re already logged in to your current Google account, you’ll be asked to enter your normal password to verify your identity. If you need to switch accounts, tap the current email to choose from all your other Google accounts.
Now enter your password when prompted, and hit Next. On the following page, you’ll be asked to create a passkey. When the pop-up appears, hit Continue. The passkey will be saved to your device (for example, iCloud Keychain on iOS), which varies depending on your device.
You’ll need to follow any prompts and use whatever biometric your device asks to confirm your identity. Once you do, your passkey will be created for that device.
Note: There is an option to create a passkey using another device (tablet, external security key). However, the easiest method is to just create the passkey on the device you’re using.
You can now use your passkey to log in to your Google account. If you have two-factor authentication enabled, your passkey bypasses 2FA because a passkey means you have physical possession of your phone, which is what 2FA essentially does. Also, if you don’t want to use your passkey for any reason, you can always use your password to log in.
What happens if you lose your device but need to log in to your Google account?
If for any reason you lose your device or have it stolen, you can still log in to your Google account. Using another device that has access to your Google account, go to g.co/passkeys, sign in to your account using your usual password and remove the passkey associated with your lost or stolen device. Just hit the X next to the passkey and then hit Remove to get rid of it and go back to using your password.