Chrome and Android towards a future that is blissfully password-free.

Logging into accounts is a pain. Who needs the frustration of password resets, two-factor authentication requests, and database breaches? This is precisely why we've been anticipating Google's announcement that a bold new password-free future was coming to Android and Chrome over the past few months. You'll be able to securely and conveniently access your favorite services thanks to cryptographically signed passkeys stored on your phone, and that all starts today.

When you truly consider it and look at what Google is adopting, it's not that far off from how we now handle saved passwords. The concept of accessing your accounts without directly inputting your login credentials may sound somewhere between weird and just plain terrible.

The idea of a "passkey," a digital record linking your personal information with a specific service, securely authenticated via chain of trust, and saved on a device like your phone, lies at the heart of this concept. You can access it using easy biometrics like a fingerprint, which is far quicker and more secure than putting in a password, just like other confidential information you store on your phone.

All of this is end-to-end encrypted, so even if Google coordinates the distribution of your passkeys, it cannot access them and use them to access your accounts. Android will soon support passkeys through the Google Password Manager, which will assist keep them synchronized across your gear.

The focus of the initial support is on online service access, and you can connect on your PC using passkeys in addition to utilizing them on your phone to speed up access on mobile: A QR code for a service might be displayed by Chrome on your computer, which you can then scan with your phone to approve the passkey. The Android API for native passkey support is the next project Google is working on, and it should be available to developers later this year.

Before any of this seems remotely popular, a lot of work needs to be done, including updating websites and apps, preparing third-party password managers for this major shift, and educating people about these new interactions. But we're thrilled to see this project finally starting to move forward because it has the possibility of more effective mobile security and just less of a pain for all things authentication-related.