Google has a vision, and that vision is that in a few years' time, you won't need to use a password anymore to log into any of your online services. That means it's a lot harder for someone to hack you, and it means that you will also have an easier experience logging in to all of your favorite websites. There's a bit of a long way to go, but Google has taken the first step towards that vision by rolling out the ability for you to create a passkey in your Google account.

In this day and age, passwords are inherently insecure for a multitude of reasons. For starters, people often create and use weak passwords, and they often reuse them across multiple sites, too. That's why two-factor authentication exists; it combines something you know with something that you have in order to grant you access to your account. However, it's become clear that even two-factor authentication isn't necessarily secure enough, and that's where passkeys come in.

Google's vision of passkeys aims to make them as intuitive as possible

Google has a vested interest in its users keeping their Google accounts secure. It gives them a reputation for being user conscious while also creating less work for them in terms of users trying to recover accounts should they be hacked. Passkeys are also more convenient in the long run for users, and it skips the sign-in process entirely. There are no codes to write down or save, and your device is your password, and using the device proves that you both have access to your device and are able to unlock it.

Google is encouraging users to switch to Passkey for signing in to their Google accounts, but it isn't forcing users to do so if they don't want to. Creating a passkey comes with security benefits, such as making it so Google is able to pay more attention to the logins that only use passwords. Passkeys are also unique to each device, whether you're using one of the best Android phones or top Windows devices, whereas some platforms like iOS will allow you to create a passkey and sync it to your iCloud. Both of these preserve your access to your account if you lose or break your smartphone.

Signing in on a new device doesn't have to be difficult either, and Google has a pretty interesting way of achieving it. You can log in by clicking "use passkey from another device" and follow the prompts. This doesn't transfer the passkey from the source device but uses your screen lock and proximity to authenticate the login. If the new device supports storing a passkey, though, then it will offer to create one. If it's a shared device that you're using, then you shouldn't do it. There is also a way you can quickly and easily revoke a passkey, too, in case you lose a device that has one on it.

Why you should use passkeys

Passkeys make it so that without the key stored in your phone, somebody can't log in to your Google account, no matter how hard they try. There's no phone number to spoof, nothing to steal (unless they steal your phone and log in to that), and no password to crack. They simply won't be able to get in unless they are able to convince the service provider to give them access — in which case, that was always a vulnerable entry point for whatever account you were using anyway. Google has already introduced support for passkeys logging in on other sites based on FIDO standards, and it's about time that it extended to your Google account itself, too.

If you want to set up a passkey on your Google account to log in, we've written a handy tutorial showing you how to do so. It's a pretty simple process that only takes a couple of minutes, and it's a security step that you should take even if you don't make it your only mode of sign-in!