Passkeys, the passwordless login method that replaces a typed secret with a fingerprint, face scan or device PIN, have moved from novelty to mainstream, and Google’s numbers illustrate the shift. Google has reported that more than 800 million accounts now use passkeys, with billions of passkey sign-ins over the past two years, a sharp jump from the roughly 400 million Google accounts it cited in May 2024. That growth is part of a broader tipping point across the industry, with major platforms and enterprises pushing users away from passwords entirely.
Why the industry is abandoning passwords
Passwords have long been the weakest link in online security. They are reused across sites, guessed, stolen in breaches and, most damagingly, handed over to attackers through phishing. Passkeys are designed to close that gap. Built on the FIDO standards, they rely on a cryptographic key stored on a user’s device and unlocked by a biometric or PIN, so there is no shared secret to steal and nothing meaningful to phish. Google has described passkeys as easy to use and phishing-resistant, and noted they are faster than typing a password.
The appeal to companies is both security and convenience. Fewer passwords mean fewer successful phishing attacks, fewer password-reset support tickets and smoother sign-ins. That combination is why the shift has accelerated from a niche feature into a default expectation.
The signs of critical mass
Beyond Google’s account totals, adoption data points to a genuine inflection. Research from the FIDO Alliance and HID Global cited in a March 2026 industry report found that 87% of U.S. and U.K. companies have deployed or are actively deploying passkeys, while 69% of consumers now have at least one passkey, up from 39% two years earlier. The same report describes Microsoft beginning to auto-enable passkey profiles across its Entra ID enterprise identity service, a move it framed as the largest enterprise migration to passwordless authentication to date, with defaults applied automatically to organizations that had not configured custom settings by early April 2026.
Consumer platforms have pushed hard as well. Reporting notes that Facebook rolled out passkeys to its roughly 3 billion users in 2025, and the FIDO Alliance has said more than 15 billion online accounts can now leverage passkeys for sign-in. Taken together, these figures describe a technology that is no longer experimental but is being wired into the default login flows of the largest services people use.
The exact counts vary by source and by how each company defines an active passkey, so the precise numbers should be read as the platforms’ own reported figures rather than independently audited totals. The direction, however, is consistent across every measure: adoption is climbing quickly on both the consumer and enterprise sides.
What it means for readers and the caveats
For everyday users, the practical benefit is a login that is both easier and harder to steal. Setting up a passkey typically takes a few taps, and once created it lets you sign in with the same gesture you already use to unlock your phone. For older adults who are frequent targets of phishing, the phishing-resistance is the key advantage: there is no code or password to be tricked into revealing.
The transition is not without wrinkles. Security researchers have begun probing cloud-synced passkeys, which sync across a user’s devices for convenience, and have flagged that this convenience introduces new attack surfaces that did not exist with hardware-bound keys. That does not undermine the core security benefit, but it is a reminder that implementation matters as the technology scales to billions of users. There are also transitional headaches, such as recovering access if a primary device is lost, that platforms are still smoothing out.
The concrete step for readers is simple: when a service you use offers to set up a passkey, it is generally worth doing, while keeping a backup method and an account-recovery option in place. The trend to watch is whether passwords fade to a fallback rather than the default, a shift that companies like Google and Microsoft are now actively engineering rather than merely predicting.
More from Morning Overview
- The NSA issues an urgent warning to all phone users about a setting most people leave on
- 5,000-year-old wolves on remote island upend domestication theory
- Scientists may have found a Type II civilization
- EPA finally kills ‘stupid feature’ in 60% of U.S. cars after 14 years of driver rage
*This article was researched with the help of AI, with human editors creating the final content.