'Advanced Protection Program' that protects high-security Google accounts now allows users to sign in with a passkey

Passkey is a technology that uses a cryptographic key instead of a password to authenticate users, based on FIDO2 , defined by the FIDO Alliance, an online authentication technology standardization organization that includes companies such as Google, Apple, and Microsoft. Google has announced that it will allow users to register for the Advanced Protection Program , which is available to Google account users, using a passkey that uses biometric authentication from their smartphone.

Google rolls out Passkeys to high risk users in Advanced Protection Program
https://blog.google/technology/safety-security/google-passkeys-advanced-protection-program/

You can now protect your high-risk Google account with just your phone - The Verge
https://www.theverge.com/2024/7/10/24195306/google-accounts-advanced-protection-passkey-enrollment-support-security-key

The Advanced Protection program is designed for users who are at high risk of targeted attacks, such as those working on political campaigns or journalists protecting sensitive information.

By activating this advanced protection program, you can set a security key required to log in to your Google account and limit the devices that can access Gmail and Google Drive. Google has installed the advanced protection program in Google Chrome, and its security level is said to be the 'strongest level.'

Chrome will add 'Google's strongest security protection feature' - GIGAZINE

Previously, if you enabled the Advanced Protection Program, you needed a physical security key to sign in to your Google account. Therefore, if you could not purchase a security key, you could not use the Advanced Protection Program.

Now, Google has announced that it will allow users to sign in with just a passkey. Google says, 'Passkey is an easier and more secure alternative to passwords. In fact, using a passkey to log in is 50% faster. Passkey is based on FIDO authentication and is phishing-resistant, protecting users from fraudulent emails.'

According to The Verge, an IT news site, you need a security key to actually set a passkey. You can also register a second passkey in addition to your phone number or email address in case your account gets locked out.