In a recent development, Google has announced the rollout of passkey support for its Workspace and Cloud customers, following the introduction of personal account support just last month. This new feature allows users to unlock their Google accounts without the need for passwords, by simply using their phone or computer’s PIN, fingerprint, face unlock, or other screen-lock mechanisms. Google emphasizes that biometric data used for passkeys is never transmitted to their servers or any external websites or apps, placing a significant emphasis on the security of users’ devices.
Passkeys have been specifically designed with user privacy in mind. When a user signs in to their Workspace apps, such as Gmail or Google Drive, using a passkey, it confirms their device’s ownership and allows access through fingerprint recognition, face recognition, or other screen-lock methods.
Initially introduced for personal accounts and the Advanced Protection Program in early May, passkey support is now being made available as an open beta for Google Workspace and Google Cloud accounts. This rollout will benefit over 9 million organizations, including businesses, schools, and government entities, making Google the first major public cloud provider to offer this technology to its customers.
Passkeys offer several advantages for enterprises, particularly in reducing phishing attacks and social engineering threats. Compared to traditional passwords, passkeys cannot be easily written down or inadvertently disclosed to malicious actors. According to Google’s early data from March to April 2023, passkeys offer a two-fold increase in speed and are four times less prone to errors compared to passwords.
Passkeys are supported across various platforms, including Android, ChromeOS, iOS, macOS, and Windows, as well as popular browsers like Chrome, Safari, and Microsoft Edge.
Google plans to gradually enable passkey support for users over the next few days, along with corresponding console controls for Workspace administrators. Administrators have the ability to enable passkeys for individuals within their organization, allowing them to bypass passwords during sign-in. This feature is disabled by default and requires manual activation by administrators. However, users can still choose to create and use passkeys as an alternative two-step verification (2SV) method, alongside or instead of the existing Google Prompt.
To start using passkeys in place of passwords, or as a 2SV method, for Google Workspace and Google Cloud accounts, users can visit the dedicated website at g.co/passkeys.
This new development marks a significant step forward in enhancing security and user experience within the Google Workspace ecosystem, providing organizations with greater protection against common cybersecurity threats.