Google will start rolling out passkey support across Google Accounts on all major platforms including Chrome and Android around this year’s World Password Day. This is the tech giant’s latest effort on its passwordless sign-in push, eliminating the need for Google to ask users for passwords or two-step verification (2SV) when signing in.
Passkey was introduced by the FIDO Alliance and its partners, including Apple, Google and Microsoft. It is a cross-platform, general-use term referring to a password replacement that simplifies and secures sign-ins and account registration for websites and apps across all of a user’s devices. Phone or computer operating systems manage the passkeys and automatically sync between the user’s devices via a cloud service, which also stores an encrypted copy of the FIDO credential, according to FIDO Alliance.
“Passkeys are a more convenient and safer alternative to passwords,” Google noted in a blog post. “They work on all major platforms and browsers, and allow users to sign in by unlocking their computer or mobile device with their fingerprint, face recognition or a local PIN.”
The company noted it’s no secret that choosing strong passwords or remembering them can be challenging for users that are vulnerable to phishing attacks. Even though 2SV or multi-factor authentication (MFA) offers better security, these methods bring additional friction and still don’t fully protect against phishing attacks or other MFA-targeted attacks such as “SIM swaps” for SMS verification, the company added.
“Passkeys are the beginning of the end for passwords,” the blog post said, clarifying that passwords, 2SV and other sign-in methods will still work across Google accounts.
How passkey works across Google accounts
After users add the passkey option to their Google accounts, the company will ask for it when signing in or performing sensitive actions within their accounts on devices that support passkeys. Google Workspace account administrators will soon have the option to enable passkeys for their end-users during sign-in as well.
The passkey is stored on users’ local computers or mobile devices, which will ask for screen lock biometrics or a PIN to confirm their identity. The screen lock only unlocks the passkey locally, so the biometric data won’t be shared with Google or other third parties, ensuring better security and privacy, Google explained.
“This means that passkeys protect you against phishing and any accidental mishandling that passwords are prone to, such as being reused or exposed in a data breach. This is stronger protection than most 2SV methods offer today, which is why we allow you to skip not only the password but also 2SV when you use a passkey,” the company noted. “In fact, passkeys are strong enough that they can stand in for security keys for users enrolled in our Advanced Protection Program.”
Additionally, users don’t have to use their phones or local computers every time they sign in. For multiple devices, they can create a passkey for each one. Some platforms can also back up and sync passkeys to other devices, meaning that if users create a passkey on their iPhone, for example, it is also available on their other Apple devices signed in to the same iCloud account.
If you lose a device with a passkey, Google Account allows you to revoke the passkey in the account settings and some devices also support the option to remotely wipe it, according to Google.
Major brands lead passkey support
Google noted the passkey rollout marks a big step in its more than 10-year-long password journey. The company also encourages other web and app developers to adopt passkeys.
Apple introduced its passkey feature at its WWDC 2022 event. Microsoft’s Windows platforms are anticipated to fully support passkey soon. The FIDO Alliance expects to see the adoption surging this year.
Passkey “was widely welcomed as a more secure replacement for passwords and is already being utilized by PayPal and other service providers,” FIDO Alliance Executive Director and CMO Andrew Shikiar told SDxCentral in an earlier interview. “We will see more major brands adopting passkeys in 2023, which will lead to broader consumer awareness and demand.”
The alliance and its partners will release common user experience guidelines to help ensure consistent passkey terminology, branding and messaging, he added.