Google Announces Passkey Support For Google Accounts

Yesterday, Google announced that users can now sign into their Google account using passkeys instead of passwords or 2-step Verification. The move is part of the company’s efforts towards passwordless authentication and to further protect users from threats like phishing.

“This signature proves to us that the device is yours since it has the private key, that you were there to unlock it, and that you are actually trying to sign in to Google and not some intermediary phishing site,” Google’s Arnar Birgisson and Diana K Smetters said.

 Passkeys will be linked to each device where they’ve been added to the account allowing devices to be unlocked locally using a PIN or screen lock biometrics. Passkeys will be securely backed up and synced to the cloud and work across all major web browsers and platforms.
For now, passkeys will be an additional Google sign-in option ensuring that users have a fallback method and can log in using a password.

Roy Akerman, Co-Founder & CEO, Rezonate had this to say:

   “Only last year Google shared its intent to end passwords realizing that identity threats are a top priority, and right before password national day it takes a major step towards that goal. Google is not alone on this mission joining FIDO alliance, Apple, and Microsoft which are on the same path. As adoption increases, we will see a decrease in less secured 2FA (two factor authentication) options available. Passkeys are proven to resist online attacks such as phishing compared to the common SMS OTP (one time password) yet security teams should carefully review usage and attempts as attackers will try to bypass and be ahead of the game.”

I am a big fan of passkeys as this will solve a lot of problems in terms of online security that consumers have. Thus making them a lot safer as a result. Hopefully other companies jump onto the passkeys bandwagon as that will make users more safe in more places.

Leave a Reply

%d bloggers like this: