Google continues to lead the way in implementing robust safety measures to safeguard personal data from phishing attacks. In a recent update, Google has introduced passkeys as a much safer alternative to passwords, specifically designed for Workspace and Cloud users. This development follows the company’s previous announcement of supporting personal accounts last month.
What Are Passkeys?
Google CEO Sundar Pichai took to Twitter to unveil the concept of passkeys. Passkeys provide a passwordless method of signing in to accounts, offering convenient and secure authentication across various websites and applications. Users can utilize fingerprint recognition, face recognition, or other locking mechanisms on all devices, including phones, desktops, and laptops. Passkeys are available on Android, ChromeOS, iOS, macOS, and Windows. Unlike passwords, passkeys cannot be written down or inadvertently disclosed, ensuring a significantly safer login option.
Enhanced Security and Privacy: Google stated in a blog post that security keys, such as passkeys, provide superior protection against automated bots, bulk phishing attacks, and targeted attacks compared to SMS-based one-time passwords and other traditional two-factor authentication methods. Passkeys were developed with user privacy in mind. When signing in to Workspace apps like Gmail or Google Drive with a passkey, it verifies that the user has access to their device and can unlock it using biometric authentication. Notably, the user’s biometric information is never transmitted to Google servers or to those of other websites or applications.
Rationale Behind Passkeys: As mentioned in the blog post, phishing attacks witnessed a staggering 61% increase in 2022. Google further revealed that in 2021, more than 60% of data breaches were caused by stolen credentials or phishing, resulting in an average cost of $4.91 million in 2022.
How to Use Passkeys?
Google has provided clear instructions on how to utilize passkeys:
-
Tap on “Use Passkeys.”
-
To create a passkey for a different device, scroll to the bottom of the page and select the “Create a Passkey” option.
-
Choose “Another Device” and follow the prompted steps.
Additionally, Google has stated that passkeys, console controls for Workspace administrators, and the option for users to forgo password authentication during sign-in will be available within the next few days. Passkeys can also be utilized as a 2-Step Verification (2SV) technique.
The Benefits
Google’s passkeys offer several benefits, including enhanced protection against phishing attempts, reduced reliance on traditional passwords, and improved user privacy. By leveraging passkeys, users can enjoy a more seamless and secure sign-in experience across various devices and platforms.
In an ever-evolving digital landscape, where cyber threats continue to grow, Google’s focus on developing innovative security measures demonstrates its commitment to safeguarding user data. By introducing passkeys and emphasizing their effectiveness in countering phishing attacks, Google aims to mitigate the risks associated with stolen credentials and phishing incidents.
Wrapping up
With the launch of passkeys and its continued efforts in advancing security measures, Google remains at the forefront of implementing cutting-edge solutions to protect user information. By offering a passwordless sign-in option that emphasizes convenience and security, Google sets a new standard for authentication methods in the digital era.
