Google makes passkeys default authentication system in turn to biometrics
Google introduced a new feature earlier this year that allows users to sign into their accounts using passkeys. After receiving positive user feedback, Google is now making passkeys the default option across personal accounts.
This means that the next time a user signs into their account, they will be prompted to create and use passkeys. Additionally, the “Skip password when possible” option will be enabled by default in their account settings.
The passkey will be established through either a fingerprint, face scan, or PIN. Google claims that the new passkey method will be 40 percent faster and rely on a type of cryptography that makes it more secure than the legacy password method.
Users will be given the option to opt out of passkeys by turning off “Skip password when possible.”
Google joins the wave of companies moving toward biometric and PIN-based passkeys, with the goal of making the sign-in process faster and more secure.
Eduardo Azanza, CEO at Veridas, providing insight into the changing landscape of online security and Google’s new move in an email to Biometric Update, states, “The traditional password systems have shown to fail time and time again, as huge volumes of credentials are stolen every day. As the digital threat landscape evolves, cybersecurity and online practices must evolve with it. Therefore, the move by Google to set passkeys as the default sign-in credential is a strong message that we are moving toward a passwordless future.”
On the use of biometrics, he adds, “Biometric verification enhances the user experience by streamlining identity verification procedures. Users no longer need to remember numerous passwords, undergo password resets due to forgetfulness or endure lengthy dual authentication processes. Biometrics swiftly verifies and authenticates users in mere seconds, sparing them the frustration typically associated with password-based authentication.”
Google notes the increasing adoption of passkeys, with major consumer brands like Uber and eBay going passwordless and WhatsApp set to join them soon.
Andrew Shikiar, the executive director and CMO of the FIDO Alliance, told Tom’s Guide, “There is a fundamental difference between passwords, which are human-readable ‘secrets’ transmitted over the internet, and passkeys, which are a possession-based authentication method leveraging advanced cryptography.” He adds, “Passkeys change the paradigm of how people are typically authenticating online today by replacing the password with an unphishable primary factor for user authentication that is built into virtually every modern computing device today.”