Google has just confirmed what many suspected: it's time to say goodbye to traditional passwords and 2FA via SMS. Instead, the company wants Gmail users—especially those with personal accounts—to take the step towards a more secure system: passkeys. This new technology is designed to replace outdated authentication methods, and Google is already actively promoting it as the way forward.

According to data shared by the company itself, a worrying majority—around 60% of users in the United States—still rely on systems like classic 2FA or passwords. The problem is that these methods are no longer recommended by cybersecurity experts, as they are increasingly vulnerable to phishing techniques, social engineering, or text message interception.

Google is clear: it's time to evolve, and it will do so by pushing users to adopt passkeys, albeit gradually.

What are passkeys and why are they more secure?

Passkeys are a passwordless authentication system that uses a combination of cryptographic technology and trusted devices to verify your identity. There's no need to remember anything or enter temporary codes. Instead, you simply use your face, fingerprint, or local PIN on an authorized device.

These are its main advantages:

In addition, passkeys work on Apple, Android, and Windows devices, and sync through cloud services like iCloud or Google Password Manager. This allows users to access their accounts from different devices without complications, while maintaining a very high level of protection against unauthorized access.

For Google, this change is not just an additional option, but a necessary step. As the Forbes article points out, the company is convinced that passkeys represent the future of secure internet access and will not wait for all users to voluntarily decide to switch.

Resistance to change:A barrier Google must overcome

Despite the obvious benefits, mass adoption isn't happening as quickly as expected. Google acknowledges that a large portion of the public is still comfortable with their current systems. In many cases, it's a combination of unfamiliarity, a lack of trust in new things, or a fear of being locked out when switching devices.

In fact, many users still don't understand what passkeys are or how they work, and this fuels unnecessary resistance.

To overcome this barrier, Google is starting to implement prompts within Gmail, notifying users about passkeys and offering a quick way to activate them. It is even contemplated that, in the near future, the activation of passkeys will be mandatory in certain accounts or that 2FA by SMS will be completely deactivated, as has already happened with some Google Workspace accounts.

How to activate your passkeys in Gmail

If you don't want to wait for Google to require it, you can take the lead and activate your passkeys now. The process is simple:

Once this is done, you will be able to log in to Gmail without using a password or 2FA code, which is not only more secure, but also faster and more convenient.

Google has assured that, in case of loss or change of device, you can always revoke the previous passkey and register a new one, as long as you have access to your recovery account or another authorized device.

In case of loss or change of device, you can always revoke the previous passkey and register a new one, provided you have access to your recovery account or another authorized device.