published : 2023-10-17

Goodbye passwords! Google just made a huge security change – will it stick?

Say goodbye to sticky notes with passwords on your monitor

A photo of a person frustratedly typing on a keyboard while surrounded by sticky notes with passwords. Taken with a Canon EOS 5D Mark IV.

Passwords might be one of the biggest tech frustrations. Make them too hard, and they're impossible to remember. Too easy, and your accounts are practically wide open.

You could use a password manager or your browser's built-in option to remember your logins. Here's how to find saved passwords in your browser.

Those solutions aren't perfect, of course. Password managers get hacked, and anyone with the know-how can access your saved browser options. No wonder tech companies are working to welcome us to a future sans passwords.

That stands for Fast IDentity Online. Big tech companies launched the industry association in 2013 to build a better system than passwords we have to keep track of and type in. Now we're seeing more start to roll it out, and Google's beta testing worked so well that the company just made it the standard way to protect your account.

Before we get to how to use passkeys, let's do a deep dive into how they work.

A passkey is a personalized FIDO credential (like your fingerprint or face scan) that lives securely on your device. You use that instead of a username and password to unlock your accounts.

A close-up photo of a person's hand using a fingerprint scanner to unlock a device. Taken with a Nikon D850.

Another bonus: No more sticky notes with passwords on your monitor. Passkeys also eliminate the daily 'Which password did I use here?' dilemma. Naturally, it'll be faster and easier to log in.

But is it safe to use? Glad you're asking. The unique structure of passkeys makes them near-impenetrable, unlike passwords — which are notoriously easy to crack. Since they're stored on your local device, passkeys can't be hacked or guessed like passwords.

And there's no concern of a hacker getting their hands on one of your passwords and opening the keys to the castle since each device has its unique passkey. That's a far cry from passwords, and studies show most people rely on only a handful of passwords for all their accounts.

If you're sick of typing in credentials all day, you can set up passkeys with your Google account.

Note: Passkeys are automatically created for Google devices, but you must set them up for any other gadgets you use to access your account(s). You need to do this individually on each device you want to give access to. Remember, a passkey lives on that device, so it's not just an account-wide setting.

You'll be prompted to log in without your password in certain situations. My advice: Use biometric authentication (your fingerprint or face) anywhere you can. It's much more secure than a PIN.

A photo of a person securely logging into their Google account using a passkey on their smartphone. Taken with a Sony Alpha a7 III.

You can use passkeys with your iPhone, too. These work through the iCloud Keychain. Make sure you have that turned on and 2FA enabled to use passkeys. Note: To use passkeys, iOS 16, iPadOS 16, macOS 13, or tvOS 16 (or later) is required.

Depending on the website, browser or app you're using, saving a passkey to your iPhone and iCloud Keychain usually consists of these steps:

To sign in to an account on your iPhone with a passkey: The passkey you saved completes the sign-in automatically.

When using a device not associated with your Apple ID, you can still sign in to an account using the passkey stored on your iPhone. Here's how: The passkey that's saved to iCloud Keychain completes the sign-in automatically.

Now, onward, with your safe new logins.