Bringing passkeys from 0 to billions

Client
Google LLC

Year
2021-2024

As the UX lead for passkeys, I was responsible for driving the vision and execution of one of Google’s most critical authentication initiatives, adding an entirely new pillar to authentication for one of the most used websites globally. This complex program spanned seven product areas and over 70 collaborators.

I led the effort to scale Passkeys to the billions, achieving 39% faster sign-in times and ~90% user satisfaction with its ease of use and security.

With a holistic view of Google’s broader security needs, I saw Passkeys as a crucial element in positively transforming Google’s authentication experience.

I proactively developed a user-centered strategy to scale passkeys across multiple product areas by planing & facilitating large collaboration events like summits and workshops.

Understanding the need to enhance usability while ensuring robust security, I identified opportunities to drive adoption through deep integration across the device platform, browser, and passkeys technology.

Respecting the user, their needs, and bringing the best UX and experience was the priority.

Why are passkeys important?

Passkeys provide a secure and effortless way to authenticate by utilizing a key pair system: a private key stored safely on your device and a public key stored with the app or service you use. Unlike traditional authentication methods, even if a site is compromised, your passkey can’t be reused to access other sites—and it’s immune to phishing.

For users, passkeys are as fast as passwords at their best, but without the hassle of management or memorization. Your device handles the security, alleviating these burdens - and enabling users to focus on their goals instead of worrying about signing in or account recovery.

Setting up a passkey is designed to be as intuitive as using one. Once you’ve set up your first passkey, the process becomes second nature for all future setups and uses. Learn it once, and you’re set for good.

In essence, passkeys offer a triple win for users: they are secure, fast, and incredibly easy to use.

As the UX Lead collaborating with over 70 cross-functional partners, I tackled technical hurdles related to deep platform integration to deliver a seamless user experience.

By working closely with Product Managers, Engineers, various UX disciplines, and Visual Designers, we ensured that Passkeys provided a secure and intuitive experience across all platforms.

To address these challenges strategically, I developed a comprehensive repository of user journeys, which became instrumental in our process.

Recognizing that the speed improvements of Passkeys were initially underappreciated, I increasingly utilized screen recordings and prototypes over time to effectively demonstrate their value.

Comprehensive Audits

To ensure passkeys were working for all users on Google.com, as support grew across platforms, credential managers, I led a cross-organizational initiative to audit and enhance Passkey UX across Google’s ecosystem. We evaluated over 80 user journeys across 5 platforms, leveraging multiple credential managers - identifying bugs that we successfully prioritized and resolved.

Partnering with Google’s internal accessibility team, I led multiple in-depth accessibility audits of Passkey journeys. These covered the experience of using passkeys on Google.com across platforms and credential managers.

This uncovered issues across the ecosystem, which were successfully resolved.

Establishing a robust feedback loop

With UXR, the team established a convenience metric—an umbrella term capturing various forms of qualitative feedback to measure the success of passkeys. This metric included user surveys, qualitative insights, and research outcomes, offering a comprehensive view of the user experience.

I made space for UXR in leadership discussions and advocated for its inclusion in the team’s OKRs. By connecting UXR with key decision-makers, we ensured that user-centric insights became a core part of our ongoing product evaluation.

This led directly to changes across the passkeys journey on Google.com, from refining the settings page for consumers & enterprise to boosting conversion by almost 100% in certain cases with targeted A/B testing.

Get passkeys for your Google Account today

Get passkeys for your Google Account today •

Get passkeys for your Google Account

Passkeys beyond Google

Recognizing that passkeys are an open standard available to everyone online, and with Google being an essential tool for so many users, I saw a significant opportunity to extend passkeys beyond just Google.

As the strategic UX lead in advancing passwordless authentication beyond Google, I joined the FIDO Alliance in 2022 to shape global standards.

As Chair of the FIDO UX Working Group, I led efforts with over 120 designers from major industry players like Amazon, Meta, and TikTok to define industry benchmarks.

To tackle the most critical challenges, I established nine workstreams, empowering both Googlers and FIDO members—including companies like Microsoft, Amazon, Meta, Intuit, and MasterCard—to drive and influence the development of passkey standards. This collaborative initiative unified diverse perspectives, enabling us to create technically robust and user-centric guidelines that set the foundation for the widespread adoption of secure, passwordless authentication solutions.

Based on feedback from the identity technology community, the FIDO UX Working Group established 2 perennial resources.

  1. Passkey UX guidelines establish a framework for UX & product designers to introduce passkeys to their products.

  2. Passkey Central is a resource for other decision makers in organizations like managers, leadership, engineers and aims help with their journey to passkeys. It includes includes decision-making tools, videos, passkey implementation roll-out guides, and metrics.

Figma design resources for passkeys

To further promote the adoption of passkeys, the FIDO UX Working Group (UXWG) collaborated to provide comprehensive Figma design resources.

Designers and collaborators from Google, Android, Chrome, MasterCard, Apple, Microsoft, and other major companies came together to create these tools, making it easier for more teams to consider implementing passkeys.

The resources include Passkey OS dialog components directly from the teams designing the platforms, as well as prototypes that demonstrate how to integrate passkeys into existing products. The goal is to provide a starting point for teams to build their own experiences, bringing passkeys to more users and ultimately making the web more secure, account access more reliable, and authentication easier to use.

Process

1

Undertsand and act alongside organizational strategy

2

Find potential areas to introduce passkeys. Experiment, research, and iterate to find the path forward

3

Perform deep benchmarking of existing authentication systems, performance, and listen closely to user feedback.

4

Reach out to stakeholders and share opportunity - gounding proposals in user feedback and aligned with organizational strategy

5

Design the product with user needs and strategic goals in mind, collaborating with key contributors like UXR, UXW, Visual Designers, PM, and Eng, and build on existing frameworks.

6

Test internally (dogfood), qualitative research, quantitative experiments and A/B tests to gather meaningful insights to influence product direction

7

Execute the launch and monitor post-launch performance to iterate and start the process over.

The takeaway

As the UX lead for Passkeys, I played a pivotal role in scaling this passwordless authentication solution to millions of users.

By aligning teams across product areas, several organizations (like Android and Chrome) and industry wide (via FIDO), I ensured that Passkeys not only improved security but also significantly improved UX across the web.

This project reduced reliance on less secure, less reliable authentication methods, saved operational costs, and positioned Google as a leader in secure, passwordless authentication.