Google reported on its progress and announced a couple of interesting innovations.
Google officially announced that the Passkey passwordless access technology, which we discussed in detail a year ago, is already used in more than 400 million accounts, and the authentication process using this method has already been performed more than a billion times over the past two years.
Passkey technology is more resistant to phishing, and also significantly simplifies the login process, since it requires a fingerprint, face scan or PIN code, which is 50% faster than using traditional passwords, said Heather Adkins, Google's vice president of engineering security.
The company also notes that Passkey is now used for authentication in Google accounts much more often than the classic two-factor authentication methods, such as OTP and TOTP.
The company also announced that it is expanding the scope of the Cross-Account Protection feature, which warns about suspicious events with third-party applications and services connected to the user's Google account. More apps and services will support this feature soon.
It is also expected that Google will soon begin supporting the use of Passkey for high-risk users as part of its Advanced Protection Program, which aims to protect users from targeted attacks that can easily target, for example, election campaign workers, politicians, journalists and human rights defenders.
Previously, this program only required the use of hardware security keys, but now you can use Passkey for this purpose, either together with the hardware key or as the only authentication method.
The company added Passkey support to the Chrome browser in December 2022 and has since implemented a password-less authentication solution for Google accounts on all platforms by default. Passkey is also already accepted by major companies such as 1Password, Amazon, Apple, Dashlane, Docusign, eBay, Kayak, Microsoft, PayPal, Shopify, Uber, and WhatsApp.
Passkey technology works by creating a cryptographic key pair, where the private key is stored on the device, and the public key is passed to the application or website. "Since this key combination is unique, your Passkey will only work on the site or application it was created for, which prevents you from logging in to an identical — looking fake site," explained Vasu Jakkal of Microsoft.
Passkey can also be stored in third-party password management solutions such as 1Password and Dashlane, which gives users more control over where to store their credentials.
Undoubtedly, Google's Passkey technology is an important step forward in providing more secure and convenient user authentication. Abandoning traditional passwords not only protects against phishing attacks, but also significantly simplifies the process of logging in to your accounts.
The widespread adoption of Passkey by large companies indicates the promise of this solution and its potential to become a new industry standard. However, it should be remembered that no technology is 100% secure, so it is important to continue to improve data protection measures and raise user awareness of cyber threats.
Google officially announced that the Passkey passwordless access technology, which we discussed in detail a year ago, is already used in more than 400 million accounts, and the authentication process using this method has already been performed more than a billion times over the past two years.
Passkey technology is more resistant to phishing, and also significantly simplifies the login process, since it requires a fingerprint, face scan or PIN code, which is 50% faster than using traditional passwords, said Heather Adkins, Google's vice president of engineering security.
The company also notes that Passkey is now used for authentication in Google accounts much more often than the classic two-factor authentication methods, such as OTP and TOTP.
The company also announced that it is expanding the scope of the Cross-Account Protection feature, which warns about suspicious events with third-party applications and services connected to the user's Google account. More apps and services will support this feature soon.
It is also expected that Google will soon begin supporting the use of Passkey for high-risk users as part of its Advanced Protection Program, which aims to protect users from targeted attacks that can easily target, for example, election campaign workers, politicians, journalists and human rights defenders.
Previously, this program only required the use of hardware security keys, but now you can use Passkey for this purpose, either together with the hardware key or as the only authentication method.
The company added Passkey support to the Chrome browser in December 2022 and has since implemented a password-less authentication solution for Google accounts on all platforms by default. Passkey is also already accepted by major companies such as 1Password, Amazon, Apple, Dashlane, Docusign, eBay, Kayak, Microsoft, PayPal, Shopify, Uber, and WhatsApp.
Passkey technology works by creating a cryptographic key pair, where the private key is stored on the device, and the public key is passed to the application or website. "Since this key combination is unique, your Passkey will only work on the site or application it was created for, which prevents you from logging in to an identical — looking fake site," explained Vasu Jakkal of Microsoft.
Passkey can also be stored in third-party password management solutions such as 1Password and Dashlane, which gives users more control over where to store their credentials.
Undoubtedly, Google's Passkey technology is an important step forward in providing more secure and convenient user authentication. Abandoning traditional passwords not only protects against phishing attacks, but also significantly simplifies the process of logging in to your accounts.
The widespread adoption of Passkey by large companies indicates the promise of this solution and its potential to become a new industry standard. However, it should be remembered that no technology is 100% secure, so it is important to continue to improve data protection measures and raise user awareness of cyber threats.
