Passwords have always been a necessary evil, giving you the choice of either using one that is too simple (so you can easily remember it) or one obscure enough to be secure but complicated enough to require a password manager.
Until now, the best way to keep your accounts secure was to partner a password with two-factor authorization (2FA). But now, Google is offering another choice: using a passkey — a secure credential tied to the PIN or biometric authentication your device already uses. The passkey only exists on your device, not in the cloud, making it even safer.
Want to give it a try? Here’s how.
What are the hardware / software requirements?
Currently, you can create a passkey on any compatible hardware, including laptops / desktops with Windows 10 or macOS Ventura (or later) running Chrome 109, Safari 16, or Edge 109 or later. If you’re setting up a passkey on a mobile phone or tablet, it must run iOS 16 or Android 9 (or later). You can also use it with any hardware security key that supports the FIDO2 protocol.
You will also need to have a screen lock enabled, and if you want to use your phone to sign into another device, such as a laptop, you will also need to have Bluetooth turned on.
Finally, if you have a Google Workspace account through a school or employer, you won’t be able to set up a passkey for that account. (You can, however, use it for any personal Google account.)
How do I set it up?
- Start by going to g.co/passkeys.
- If you have an Android phone already signed into that account, you may have been automatically registered for a passkey. If that is the case, the device will be listed under Automatically created passkeys, and you can just click the blue Use passkeys button.
- You will then get a pop-up saying that you can now use a passkey. Click Done.
- If your device isn’t listed (if you’re using an iPhone, it probably won’t be), then select the Create a passkey button at the bottom of the page. (Note: at this point, it will be much easier to use the device you want to use as a passkey — in other words, if you want to use your iPhone, then use your iPhone rather than your computer to follow these directions.)
- You will get a pop-up that lets you use either the device you are currently using as the passkey (in which case, select Continue) or be prompted to select Use another device. If the latter, you will be given a QR code to scan with your phone’s camera.
- If you are using an iPhone, you may also be asked to turn on iCloud Keychain.
And you’re done!
What if I lose or sell a device that has a passkey?
You can remove a device from your list of passkeys — if the passkey was one that you created.
- Go to your Google account.
- Select Security in the left-hand column, and scroll down to How you sign in to Google. Select Passkeys.
- Under Passkeys you created, click the X next to the passkey you want to delete.
If the passkey was automatically created by Google, you can’t delete it — instead, you have to sign that device out of the account.
- As in the previous example, go to Security in the left-hand column, but this time, scroll down and select Manage all devices.
- Select the phone you want to sign out of and then choose Sign out.
Can I stop using passkeys altogether?
Yes. If you want, you can go back to using passwords and 2FA as before. (Note: the passkeys will still be part of the account; they just won’t be used.)
- Go to your Google account > Security
- Scroll down to Skip password when possible and toggle it off.