Passkeys are a modern, secure way to sign in to your Gemini account without the need for traditional email and password. Passkeys use advanced cryptographic technology to link your Gemini account to your device, making authentication seamless and highly secure.
Why should I use passkeys?
Passkeys offer enhanced security compared to traditional two-factor authentication (2FA) methods like SMS or Authy. They resist phishing and SIM-swapping attacks, ensuring that only authorized users can access accounts. Additionally, passkeys are unique to each device, minimizing the risk of unauthorized access and strengthening overall account protection.
How do I opt-in?
Opt-into passkeys by navigating to your Account Settings > Security on web or Account Settings > Security Settings on mobile and locate “Passkeys” within the “Two-factor authentication methods (2FA)” section. From there, you can easily create a passkey to sign in without a password or perform two-factor authentication during sensitive actions such as withdrawals.
Can I Use My Passkey Only for 2FA Purposes?
To use your passkey exclusively as a 2FA method and not for passwordless sign-in, navigate to Account Settings > Security Settings > Sign in with Passkey and disable it for sign-in. Once disabled, your passkey will function solely for 2FA purposes.
I didn’t choose to have “Sign in with passkey” enabled, why is it on?
If you did not have a passkey registered with Gemini before September 2024, opting in to passkeys will automatically enable the Sign in with Passkey feature. However, if you already had a passkey registered with Gemini prior to September 2024, you need to manually enable Sign in with Passkey by navigating to Account Settings > Security and toggling the feature on.
What if I’m an Android user?
Passkeys on Gemini are available across web and mobile platforms including iOS and Android devices.
How do I perform 2FA using passkeys?
Once you opt into passkeys, they become your default 2FA method across both web and mobile, for all authentication, including sign-ins and withdrawals. Passkeys created on your primary device will require only biometric authentication, such as fingerprint or facial recognition, to complete 2FA. If you use passkeys on a non-primary device where the passkey isn’t stored, the device will prompt you to scan a QR code to connect to your primary device. For example, if you set up passkeys on your phone and then attempt to log in on your computer, a QR code will appear on the computer screen. Open the camera app on your phone to scan the QR code and follow the on-screen instructions to complete the authentication process.
Am I eligible?
All Gemini operational countries are eligible for Passkey usage at time of launch.
What if I have a security key (hardware key) and a passkey?
Gemini recommends using both security keys and passkeys for optimal security, as they are the most secure authentication methods available. Passkeys are software-based and tied to your device, while security keys are physical objects that you must possess. Gemini supports having both security keys and passkeys associated with your account. When passkeys are enabled, they will be used as the default method for authentication.
Why do I see a QR code when signing in with a passkey on mobile?
If you see a QR code on your mobile device when signing in with a passkey, it means that device doesn't have a stored passkey for Gemini. This typically occurs if your passkey was created on another device, such as a web browser.
To resolve this:
- Use your passkey to access your account via a web browser. Ensure you are using an authorized device or authorize your current device.
- Temporarily turn on the Authentication code 2FA option in your security settings.
- Open the Gemini app on your mobile device and create a new passkey. This passkey can now be used across web and mobile.
- After setting up the passkey on your mobile app, disable authentication codes to keep your account safe.