Meta tags:
description= Fast, secure sign-in using fingerprint-, face- or device-lock based on industry standards
;
Headings (most frequently used words):
passkeys, to, are, website, or, benefits, passkey, application, they, google, identity, introduction, easier, safer, try, it, yourself, how, do, work, privacy, security, implementing, additional, resources, what, create, for, user, first, must, register, with, that, when, return, this, app, sign, in, can, take, the, following, steps, server, side, android, web, ios, product, info, stack, overflow, developer, consoles, use, public, key, cryptography, resistant, phishing, attacks,
Text of the page (most frequently used words):
the (67), #passkeys (46), and (36), #google (31), for (24), with (21), user (20), passkey (20), can (19), users (18), app (15), sign (14), identity (13), are (13), use (13), more (12), android (11), account (11), them (11), website (11), device (11), this (10), that (10), they (9), developers (8), thumb (8), only (8), console (7), samples (7), implement (7), from (7), authentication (7), password (7), biometric (7), verification (7), chrome (6), developer (6), web (6), guide (6), implementation (6), key (6), application (6), their (6), authorization (6), information (5), down (5), site (5), ios (5), phishing (5), attacks (5), operating (5), system (5), used (5), public (5), create (5), passwords (5), credential (5), español (4), platform (4), oauth (4), need (4), read (4), server (4), using (4), because (4), browser (4), when (4), stored (4), manager (4), devices (4), never (4), into (4), experience (4), such (4), sharing (4), cross (4), privacy (3), all (3), linking (3), apis (3), data (3), policy (3), under (3), try (3), content (3), registered (3), policies (3), resources (3), servers (3), resistant (3), created (3), being (3), signing (3), which (3), security (3), even (3), end (3), new (3), browsers (3), laptop (3), how (3), work (3), screen (3), unlock (3), select (3), sensor (3), fingerprint (3), facial (3), recognition (3), pin (3), safer (3), protection (3), 한국어 (2), 日本語 (2), ภาษาไทย (2), বাংলা (2), हिंदी (2), فارسی (2), العربيّة (2), עברית (2), русский (2), türkçe (2), tiếng (2), việt (2), português (2), brasil (2), polski (2), italiano (2), indonesia (2), français (2), américa (2), latina (2), deutsch (2), english (2), manage (2), terms (2), products (2), cloud (2), firebase (2), home (2), store (2), stack (2), overflow (2), service (2), blog (2), ask (2), our (2), yourself (2), other (2), too (2), steps (2), code (2), last (2), updated (2), 2026 (2), utc (2), licensed (2), see (2), license (2), get (2), relying (2), parties (2), cases (2), case (2), studies (2), additional (2), you (2), below (2), bound (2), ensure (2), frees (2), responsible (2), genuine (2), cryptography (2), reduces (2), private (2), attacker (2), required (2), complete (2), benefits (2), managers (2), protect (2), access (2), allow (2), tracking (2), between (2), sites (2), same (2), one (2), designed (2), give (2), material (2), leaves (2), personal (2), may (2), your (2), add (2), support (2), requires (2), available (2), phone (2), each (2), demo (2), autofill (2), will (2), pattern (2), authenticate (2), without (2), having (2), username (2), send (2), sms (2), save (2), far (2), less (2), websites (2), apps (2), easier (2), both (2), conversion (2), friction (2), based (2), across (2), risc (2), cookies, dashboard, cast, sdk, actions, play, api, consoles, openid, connect, branding, guidelines, product, info, latest, news, question, tag, fork, github, easy, understand, easytounderstand, solved, problem, solvedmyproblem, otherup, missing, missingtheinformationineed, complicated, many, toocomplicatedtoomanysteps, out, date, outofdate, issue, samplescodeissue, otherdown, tell, except, otherwise, noted, page, details, java, trademark, oracle, its, affiliates, apache, creative, commons, attribution, subscribe, notified, about, updates, newsletter, side, ready, started, guides, implementing, threat, potential, breaches, creates, generates, pair, but, alone, useless, derive, unauthorized, example, though, backed, impersonate, encrypts, secrets, own, don, than, protocols, carefully, shared, vector, might, false, impression, sending, sensitive, reality, important, have, been, mind, several, concerns, raise, appear, reassure, should, reassuring, message, revealed, faq, article, explaining, securely, encrypted, before, synced, decrypting, like, synchronizes, signed, later, also, opt, compatible, third, party, aren, restricted, where, phones, logging, isn, synchronized, long, near, approves, built, adopt, learn, behave, note, fido, standards, login, tap, name, field, show, list, dialog, return, take, following, check, click, button, existing, method, first, must, register, wants, uses, help, right, similar, saved, today, make, sure, rightful, owner, performed, digital, tied, enter, provide, any, factor, technology, aims, replace, legacy, mechanisms, what, reduce, costs, avoiding, making, cost, effective, means, instead, meaning, there, value, bad, actor, hack, cleanup, event, breach, cannot, tricked, authenticating, deceptive, handles, once, seamlessly, switch, immediately, needing, enroll, unlike, traditional, auth, setup, lock, typing, not, alternative, freeing, remember, hate, poor, liability, through, looking, further, improvements, federation, industry, modern, approaches, deliver, robust, against, eliminate, prompt, time, passcodes, since, standardized, single, enables, passwordless, different, systems, introduction, categorize, preferences, stay, organized, collections, feedback, supported, platforms, interface, design, communicating, journeys, overview, skip, main,
Text of the page (random words):
passkeys google for developers skip to main content google identity authentication sign in with google app verification passkeys credential sharing samples authorization account authorization app verification to use google authorization apis account linking resources cross platform implement identity for android implement identity for web implement identity for ios cross account protection risc policies oauth 2 0 policy english deutsch español español américa latina français indonesia italiano polski português brasil tiếng việt türkçe русский עברית العربيّة فارسی हिंदी বাংলা ภาษาไทย 中文 简体 中文 繁體 日本語 한국어 sign in passkeys sign in with google app verification passkeys credential sharing samples google identity authentication more sign in with google app verification passkeys credential sharing samples authorization more cross platform more cross account protection risc policies more passkeys overview use cases user experience user journeys communicating passkeys to users user interface design supported platforms developer guide for relying parties case studies sign in with google app verification passkeys credential sharing samples account authorization app verification to use google authorization apis account linking resources implement identity for android implement identity for web implement identity for ios oauth 2 0 policy home products google identity authentication passkeys send feedback stay organized with collections save and categorize content based on your preferences passkeys introduction passkeys are a safer and easier alternative to passwords with passkeys users can sign in to apps and websites with a biometric sensor such as a fingerprint or facial recognition pin or pattern freeing them from having to remember and manage passwords developers and users both hate passwords they give a poor user experience they add conversion friction and they create security liability for both users and developers google password manager in android and chrome reduces the friction through autofill for developers looking for even further improvements in conversion and security passkeys and identity federation are the industry s modern approaches passkeys deliver robust protection against phishing attacks and can eliminate the need to prompt for sms or app based one time passcodes at sign in since passkeys are standardized a single implementation enables a passwordless experience across all of a users devices across different browsers and operating systems passkeys are easier users can select an account to sign in with typing the username is not required users can authenticate using device s screen lock such as a fingerprint sensor facial recognition or pin once a passkey is created and registered the user can seamlessly switch to a new device and immediately use it without needing to re enroll unlike traditional biometric auth which requires setup on each device passkeys are safer passkeys protect users from phishing attacks passkeys work only on their registered websites and apps a user cannot be tricked into authenticating on a deceptive site because the browser or os handles verification developers only save a public key to the server instead of a password meaning there s far less value for a bad actor to hack into servers and far less cleanup to do in the event of a breach passkeys reduce costs by avoiding the need to send sms making them a safer and more cost effective means for authentication what are passkeys a passkey is a digital credential tied to a user account and a website or application passkeys allow users to authenticate without having to enter a username or password or provide any additional authentication factor this technology aims to replace legacy authentication mechanisms such as passwords when a user wants to sign in to a service that uses passkeys their browser or operating system will help them select and use the right passkey the experience is similar to how saved passwords work today to make sure only the rightful owner can use a passkey the system will ask them to unlock their device this may be performed with a biometric sensor such as a fingerprint or facial recognition pin or pattern to create a passkey for a website or application a user first must register a passkey with that website or application go to the application and sign in using the existing sign in method click create a passkey button check the information stored with the new passkey use the device screen unlock to create the passkey when they return to this website or app to sign in they can take the following steps go to the application tap on the account name field to show a list of passkeys in an autofill dialog select their passkey use the device screen unlock to complete the login try it yourself you can try passkeys in this demo passkeys demo how do passkeys work passkeys are securely encrypted on device before being synced and requires decrypting them on new devices passkeys can be stored in password managers like google password manager which synchronizes passkeys between the user s android devices and chrome browsers that are signed into the same google account users with android 14 or later can also opt to store their passkeys in a compatible third party password manager users aren t restricted to using the passkeys only on the device where they re available passkeys available on phones can be used when logging into a laptop even if the passkey isn t synchronized to the laptop as long as the phone is near the laptop and the user approves the sign in on the phone as passkeys are built on fido standards all browsers can adopt them note see passkey support on android and chrome to learn how android and chrome behave on each operating system privacy benefits important passkeys have been designed with user privacy in mind several concerns that end users may raise appear below to reassure your users developers should add a reassuring message to the ui e g with passkeys the user s biometric information is never revealed to the website or the app biometric material never leaves the user s personal device and create an faq or support article explaining more because signing in with biometric might give users a false impression that this is sending sensitive information to the server in reality biometric material never leaves the user s personal device passkeys on their own don t allow tracking users or devices between sites the same passkey is never used with more than one site passkey protocols are carefully designed so that no information shared with sites can be used as a tracking vector passkey managers protect passkeys from unauthorized access and use for example the google password manager encrypts passkey secrets end to end only the user can access and use them and even though they re backed up to google s servers google can t use them to impersonate users security benefits because passkeys are bound to a website or app s identity they re resistant to phishing attacks the browser and operating system ensure that a passkey can only be used with the website or app that created them this frees users from being responsible for signing in to the genuine website or app passkeys use public key cryptography public key cryptography reduces the threat from potential data breaches when a user creates a passkey with a site or application this generates a public private key pair on the user s device only the public key is stored by the site but this alone is useless to an attacker an attacker can t derive the user s private key from the data stored on the server which is required to complete authentication resistant to phishing attacks because passkeys are bound to a website or app s identity they re resistant to phishing attacks the browser and operating system ensure that a passkey can only be used with the website or app that created them this frees users from being responsible for signing in to the genuine website or app implementing passkeys ready to get started you can implement passkeys on android web and ios using our implementation guides below server side implementation guide for servers read more android implementation guide for android read more web implementation guide for web read more ios implementation guide for ios read more additional resources passkeys case studies use cases passkeys developer guide for relying parties subscribe to the google passkeys developer newsletter to get notified about passkey updates except as otherwise noted the content of this page is licensed under the creative commons attribution 4 0 license and code samples are licensed under the apache 2 0 license for details see the google developers site policies java is a registered trademark of oracle and or its affiliates last updated 2026 04 15 utc need to tell us more easy to understand easytounderstand thumb up solved my problem solvedmyproblem thumb up other otherup thumb up missing the information i need missingtheinformationineed thumb down too complicated too many steps toocomplicatedtoomanysteps thumb down out of date outofdate thumb down samples code issue samplescodeissue thumb down other otherdown thumb down last updated 2026 04 15 utc github fork our samples and try them yourself stack overflow ask a question under the google oauth tag blog the latest news on the google developers blog product info terms of service apis user data policy branding guidelines stack overflow google identity sign in with google google oauth 2 0 and openid connect google account linking developer consoles google api console google cloud platform console google play console firebase console actions on google console cast sdk developer console chrome web store dashboard google home developer console android chrome firebase google cloud platform google ai all products terms privacy manage cookies english deutsch español español américa latina français indonesia italiano polski português brasil tiếng việt türkçe русский עברית العربيّة فارسی हिंदी বাংলা ภาษาไทย 中文 简体 中文 繁體 日本語 한국어
|