Join top executives in San Francisco on July 11-12, to hear how leaders are integrating and optimizing AI investments for success. Learn More
Today, Google announced that it is rolling out support for passkeys across Google accounts on all major platforms. As of today, users can now use passkeys for a passwordless sign-in experience on apps and websites with fingerprinting, facial recognition or a local pin without the need to enter a password or complete 2-step verification (2SV).
To configure a passkey, users can visit a website or app, sign-in via with their existing username and password, then opt to create a passkey that can then be stored in a solution like Google Password Manager to login in the future.
Unlike passwords, passkeys can’t be stolen, which makes them resistant to credential theft, phishing, and social engineering scams. As a result, broader support for passwordless sign-in options will make Google accounts more resistant to identity-based attacks.
“Passkeys are a more convenient and safer alternative to passwords,” Google software engineers Arnar Birgisson and Diana K. Smetters write in the official blog post. “Even the most savvy users are often misled into giving them up during phishing attempts.”
Join us in San Francisco on July 11-12, where top executives will share how they have integrated and optimized AI investments for success and avoided common pitfalls.
Password-based security inefficient for modern enterprise
The release comes as the weaknesses of password-based security are becoming increasingly apparent, with hackers leaking more than 721 million passwords online last year. Vendors including Microsoft and Apple have committed to developing a common passwordless sign-in standard.
While existing technologies like multi-factor authentication (MFA) have helped to enhance online account security, they haven’t fully addressed the risk of credential theft due to their susceptibility to SIM swap attacks that hijack the SMS verification process, and the inconvenience of adding additional authentication steps for end users.
Passwordless login options like passkeys that enable users to log in with biometric data provide a user-friendly alternative that decreases the likelihood of a successful account takeover attempt.
VentureBeat’s mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Discover our Briefings.