Google Introduces Passwordless Login Experience, Streamlining User Authentication
Google has just announced a new passwordless login experience through a mass email to users, allowing them to log in using security keys instead of passwords. This feature enables users to complete biometric verification on trusted devices, eliminating the need to input passwords.
To enable this feature, users need to go to their Google Account Center, click on Security, Login options, Add security key, and then create and enable a security key. Finally, click on the option to skip password input whenever possible, located towards the bottom of the page.
Currently, the feature supports the following systems:
- Windows 10
- Windows 11
- macOS 13 Ventura+
- ChromeOS 109+
- iOS 16+
- Android 9+
Supported browsers include:
- Chrome 109+
- Microsoft Edge 109+
- Apple Safari 16+
Authentication methods that can be used are PIN codes, fingerprint recognition, facial recognition, iris recognition, and other Windows Hello-supported methods.
The feature operates on the FIDO2 authentication standard. Google treats trusted devices created by users as Passkeys, which allow users to log in using the device's supported authentication method, like a PIN code on a Windows PC. This makes the login process more convenient.
However, if a user triggers a risk control measure during login, they may still need to input a password and a 2FA verification code (or another specified verification method). In this case, the option to skip password input would be bypassed, and the user would directly authenticate through the FIDO2 standard without triggering risk control.
Microsoft has been progressing faster in passwordless login compared to Google, with Microsoft accounts now supporting password removal and relying solely on Windows Hello for verification. User experiences shared by users have been largely positive.
As for Google, tests have shown that setting up a Passkey still requires inputting a password and 2FA verification code during login. It remains unclear if this is due to a high volume of users setting up Passkeys, causing a delay in Google's system response.