



Google has announced the long-awaited introduction of passkeys to all Google account users, moving away from traditional alphanumeric passwords.

Passkeys are a safer and easier alternative to passwords, the company wrote on the Google Identity blog. Passkey allows a user to sign in to an app or his website using a biometric sensor (such as fingerprint or facial recognition), PIN, or pattern, eliminating the need to remember and manage passwords. .

Proper implementation of passkeys makes the authentication process much easier for real users while increasing account security. Instead of remembering passwords or using his two-factor authentication, the user simply logs into his device and authentication is handled through the device.

And Google isn’t the only major company working on “frictionless” logins. In 2022, Apple and Microsoft will join Google to announce support for a passwordless future.

Companies will follow the specifications of the FIDO (Fast IDentity Online) Alliance, an open industry group. This ensures that passkeys from one system can be transferred to another system. For example, if you switch from an Android phone to an iPhone, you can transfer your passkey between devices without too much effort.

Anyone with a computer, smartphone, or tablet can benefit from passkey technology, but its potential benefits are particularly noteworthy for people with disabilities.

Passwords cause accessibility issues for many users

Passwords are a form of cognitive testing that require users to recall information in order to progress through the process.

This is a problem for people with cognitive limitations and memory impairments, including a significant percentage of the elderly. According to the American Psychological Association (APA), an estimated 15-20% of people over the age of 65 experience mild cognitive impairment.

Passwords can also be a challenge for users who use assistive technology (AT), such as screen readers. If the password entry form contains improper labels or instructions, AT users may not be able to enter the password correctly on the first attempt, and if the password field has a time limit, some AT users will You may not be able to log in to the website until the The time limit will expire.

Using a passkey may solve these problems. Instead of entering a password or her two-factor authentication code, the user simply unlocks her phone (or another device that stores keys).

This also prevents malicious individuals from stealing private information. Two-factor authentication is secure, but not perfect. Passkey uses a type of encryption that relies on device-level encryption. It’s not very technical, but passkeys are highly resistant to phishing and other types of malicious attacks.

Passkeys need to be standardized to be truly accessible

Passkeys will become a standardized technology that can be used across devices, web browsers, and operating systems. As such, accessibility should be a central consideration when implementing.

Fortunately, the FIDO specification is a joint effort of the FIDO Alliance and the World Wide Web Consortium (W3C). W3C also publishes the Web Content Accessibility Guidelines (WCAG) and other accessibility standards.

That’s why FIDO Passkey is designed with accessibility in mind.

FIDO credentials are based on public key cryptography, allowing users to complete the login process simply by unlocking their mobile phone. Phones can be unlocked using different types of inputs. Users can verify their identity using biometrics, PINs (personal identification numbers), or patterns. In some circumstances (such as if your phone is lost or damaged) your password may still be used to verify your User ID. But creating a shared standard would make it much easier for users to transfer passkeys between different kinds of devices.

Overall, the increase in passkeys and the elimination of passwords could make the Internet much more accessible to people with disabilities. By implementing standards through an open set of specifications, Google, Apple, and Microsoft hope to improve Internet security while eliminating a major source of user frustration.

Content authors can give access to the authentication process by following WCAG

All users will benefit when passkey technology becomes the new normal. However, this process is time consuming and currently many websites do not have access to authentication instructions.

You can improve the accessibility of your website by providing authentication options. Instead of relying on passwords, consider alternatives such as Open Authorization (OAuth).

Other quick tips for accessible authentication:

For more information, see How to Make Your Website’s Authentication Process Accessible.

