Review • Our Google Pixel review: Pure Android at its absolute best Tags See it 2:46 Preview • Pixel and Pixel XL unveiled: Google’s post-Nexus phones come out swinging (hands-on) 17 Photos But it’s only a small step for now. Google offers it only in “step-up” situations where you’re confirming your authentication rather than first-time logins. So this demotes passwords without actually getting rid of them. Microsoft is a notch more aggressive in moving its online services like Outlook.com, Skype, OneDrive and Xbox Live to a post-password design.Both the moves are made possible with an open authentication standard called FIDO2 that Google helped to develop through a consortium called the Fast Identity Online (FIDO) Alliance.For higher-security situations, like logging onto a new device for the first time, Google offers support for hardware security keys, including its own Titan models and third-party models from companies like Yubico. That, too, is enabled by FIDO2. How To • How to transfer your data from an iPhone to Android phone $219 Now playing: Watch this: Share your voice Chrome Google Now Google Microsoft Mobile Security All the different Android versions through the years Mentioned Above Google Pixel (32GB, Quite Black) News • Google Pixel 3A: Where is AT&T? Google Pixel Comments 12 Who needs a password when you’ve always got this at your disposal? James Martin/CNET Google has taken an important step into a future that doesn’t require passwords, letting phone users log on to some websites using just their Android phones. That means you’ll be able to sign into a site using a passcode or fingerprint, starting with Google’s Pixel phones Monday and spreading to other relatively recent Android phones in coming days, Google said.”This new capability marks another step on our journey to making authentication safer and easier for everyone to use,” said two Google team members, Dongjing He and Christiaan Brand, in a blog post Monday. For now, the service works on Google’s passwords.google.com website, but the company plans to expand it to other Google services.In case you hadn’t got the memo, passwords are awful — the ones that are most secure happen to be the ones that are hardest to type and remember. That’s even leaving aside the issue of the many breaches that have splattered passwords and other personal data all over the internet. Google’s use of Android as an authentication device is an important step beyond password problems. Inside a password-free future CNET may get a commission from retail offers.