The End of Passwords: How to Set Up Passkeys on Google

For decades, we have relied on complex strings of characters to protect our digital lives. Google has finally begun the shift away from this outdated method by introducing passkeys. This technology uses the biometrics on your device, such as Face ID or a fingerprint scanner, to log you in instantly. It offers a level of security that makes traditional passwords and two-factor authentication codes look obsolete.

What Are Passkeys and Why Do They Matter?

Passkeys are a new digital credential standard created by the FIDO Alliance, a consortium that includes tech giants like Apple, Microsoft, and Google. Unlike a password, which is a shared secret stored on a server, a passkey is based on public-key cryptography.

When you create a passkey, two distinct keys are generated:

  1. The Private Key: This stays securely on your device. It never leaves your phone or computer and is never shared with Google.
  2. The Public Key: This is uploaded to Google’s servers.

When you try to sign in, Google sends a digital challenge to your device. Your device uses the private key to solve the challenge and sends the solution back. Google unlocks your account only if the solution matches the public key.

This structure makes passkeys phishing-resistant. A hacker cannot steal your passkey by tricking you into logging into a fake website because your device knows the difference. If the website address does not match the original exactly, the passkey simply will not work.

Hardware and Software Requirements

Before you attempt to set this up, you need to ensure your hardware is compatible. Passkeys rely on modern operating systems to sync keys securely across your devices.

Supported Operating Systems:

  • Windows: Windows 10 or Windows 11.
  • macOS: macOS Ventura (version 13) or later.
  • iOS: iOS 16 or later.
  • Android: Android 9 or later.

Supported Browsers:

  • Chrome: Version 109 or later.
  • Safari: Version 16 or later.
  • Edge: Version 109 or later.

You must also have a screen lock enabled on your device. This can be a PIN, pattern, or biometric lock. Without a secure screen lock, the device cannot protect the private key.

Step-by-Step Guide to Enabling Google Passkeys

Setting up a passkey is much faster than resetting a forgotten password. Follow these steps to secure your Google account immediately.

1. Access Your Account Security Settings

Open your preferred browser and navigate to myaccount.google.com. If you are not already logged in, you will need to enter your username and current password one last time.

2. Locate the Passkeys Menu

On the left-hand navigation bar, click on Security. Scroll down the page until you find the section labeled “How you sign in to Google.” You should see an option for Passkeys. If you do not see it, ensure your browser is up to date.

3. Create a Passkey for Your Current Device

Click on Passkeys. You may be asked to verify your identity with your password. On the next screen, you will see a button labeled + Create a passkey.

When you click this, a system dialog will appear asking you to confirm.

  • On iPhone/Mac: It will ask for Face ID or Touch ID.
  • On Android: It will ask for your fingerprint or face unlock.
  • On Windows: It will ask for Windows Hello (face, fingerprint, or PIN).

Once you provide that biometric confirmation, the passkey is created and stored on that device.

4. Enable “Skip Password When Possible”

Google creates a generic passkey automatically for Android devices that you are already signed into. Once you have manually created passkeys for your other devices, Google will begin prompting you to use them by default. You can verify this is active in the “Skip password when possible” toggle located in the Security menu.

How to Use Passkeys Across Different Devices

One of the biggest concerns users have is cross-device compatibility. For example, you might want to log into a Windows computer using an iPhone. Passkeys handle this using a feature called Cross-Device Authentication (CDA).

If you try to log into Google on a computer that does not have your passkey, choose the option “Use a passkey from another device.”

  1. A QR code will appear on the computer screen.
  2. Open the camera on your smartphone.
  3. Scan the QR code.
  4. Your phone will connect to the computer via Bluetooth to verify proximity (this ensures a hacker isn’t trying to log in from a different country).
  5. Approve the login on your phone using your face or fingerprint.

Managing and Revoking Passkeys

If you lose a device or sell your phone, you must revoke the passkey associated with it to maintain security.

  1. Return to myaccount.google.com and go to Security > Passkeys.
  2. You will see a list of all devices that currently hold a credential for your account.
  3. Identify the device you no longer possess.
  4. Click the “X” or trash can icon next to that device.

This immediately invalidates the private key on that specific device. Even if someone manages to unlock your old phone, they cannot use it to access your Google account once you have revoked access from the server side.

Frequently Asked Questions

Does Google get my fingerprint or face data? No. Your biometric data never leaves your device. The fingerprint or face scan is only used to unlock the “Private Key” stored on your phone’s secure chip. Google only receives a cryptographic code that confirms the unlock was successful.

What happens if I lose my phone? If you lose your phone, you are not locked out forever. You can still use your password and a second factor (like a backup email or SMS code) to log in on a new device. Once logged in, you should immediately remove the lost device’s passkey and create a new one for your new phone.

Can I still use my password if I want to? Yes. Passkeys are currently an optional alternative. When you try to log in, you can select “Try another way” to revert to typing in your standard password. However, Google is aggressively moving toward making passkeys the default setting for all personal accounts.

Do passkeys sync between Apple and Android? Passkeys sync within ecosystems. An iCloud Keychain passkey will sync between your iPhone and Mac. A Google Password Manager passkey will sync between your Android and Chrome browser. To cross the gap (using an iPhone to log into a Windows PC), you must use the QR code scanning method described in the article.