As your organization's administrator, you can allow users to skip password sign-in challenges and instead use a passkey that covers first and second-factor authentication. With passkeys, your users can sign in to their managed Google Account using their phone, a security key, or their computer’s screen lock.
- Authentication requires biometric authentication, such as a fingerprint or facial recognition, or a PIN or pattern on a device. The screen lock only unlocks the passkey locally and does not share biometric information with Google or other third parties.
- To allow users to skip passwords, you need to turn on skip passwords in the Google Admin console. Your users then, on their own account, need to turn on skip passwords and add a passkey. For details, go to Sign in with a passkey instead of a password.
- Your users don’t need to be enrolled into 2-Step Verification to use passkeys to skip passwords at sign-in.
Advantages of passkeys
- Passkeys use phishing-resistant technology and are simpler and more secure than passwords.
- Users can use a familiar pattern to unlock their device.
- Platforms sync passkeys using Google Accounts.
- Instead of remembering passwords for different sites, users can use passkeys.
Turn skip passwords on or off for users
To allow users to skip password challenges and use a passkey, you need to turn on skip passwords. Then, tell users that they need to turn on skip passwords and add a passkey to their account.
In the Admin console, go to Menu SecurityAuthenticationPasswordless.
- Click Skip passwords.
- If you want to allow users to skip password challenges, check the Allow users to skip passwords at sign-in by using passkeys box.
- Click Save.
If this setting is turned off after a user turned on skip password and added a passkey to their account, they will no longer be able to skip a password challenge. However, they can still be prompted for a passkey for second-factor authentication.