Google warns “passwords are not only painful to maintain, but are also more prone to phishing and often leaked through data breaches.” And that’s the real issue. “It’s important to use tools that automatically secure your account and protect you from scams,” Google tells users, and that means upgrading account security now.
Google says “we want to move beyond passwords altogether, while keeping sign-ins as easy as possible.” That includes social sign ins, but mainly it means passkeys. “Passkeys are phishing-resistant and can log you in simply with the method you use to unlock your device (like your fingerprint or face ID) — no password required.”
This is just one of their excuses, to keep their users inside google’s walled-garden
Yes, passkeys are more secure but if and when Google is involved, then hell to the fuck no. I’m already moving away from Google anyway, Gmail amongst a few others, are still left.
passkeys are way for a token unlocked by your device’s biometric sensor to validate a request. biometric information is not sent to Google.
The standard is implemented by multiple vendors, Just like HTTP Basic Auth is. It is not Google specific
You don’t have to use biometrics either. You can just use a password manager that manages the passkeys and only login to the pw manager with a pw.