Passwordless Google Accounts Are Here - You Can Now Switch To Passkey-Only

Google is taking a big step toward our supposedly passwordless future by enabling passkey-only Google accounts. From a report: In the blog post, titled "The beginning of the end of the password," Google says: "We've begun rolling out support for passkeys across Google Accounts on all major platforms. They'll be an additional option that people can use to sign in, alongside passwords, 2-Step Verification (2SV), etc." Previously, you've been able to use a passkey with a Google account as part of two-factor authentication, but that was always in addition to a password. Now it's possible to use a Google account with a passkey instead of a password. A passkey, if you haven't heard of the new authentication method, is a new way to log in to apps and websites and may someday replace a password. Password entry began as a simple text box for humans, and those text boxes slowly had automation and complication bolted onto them as the desire for higher security arrived. While you used to type a remembered word into a password field, today, the right way to use a password is to have a password manager paste a random string of characters into the password box. Since few of us physically type in our passwords, passkeys remove the password box. Passkeys have your operating system directly swap public-private keypairs -- the "WebAuthn" standard -- with a website, and that's how you get authenticated. Google's demo of how this will work on a phone looks great -- the usual box asks for your Google username, then instead of a password, it asks for a fingerprint, which unlocks the passkey system, and you're logged in. Google's passwordless support is headed for consumer devices right now, while business Google Workspace accounts will "soon" have the option to enable passkeys for end users.

Read more of this story at Slashdot.