VentureBeat presents: AI Unleashed - An exclusive executive event for enterprise data leaders. Network and learn with industry peers. Learn More
Today, Google announced that it is rolling out support for passkeys across Google accounts on all major platforms. As of today, users can now use passkeys for a passwordless sign-in experience on apps and websites with fingerprinting, facial recognition or a local pin without the need to enter a password or complete 2-step verification (2SV).
To configure a passkey, users can visit a website or app, sign-in via with their existing username and password, then opt to create a passkey that can then be stored in a solution like Google Password Manager to login in the future.
Unlike passwords, passkeys can’t be stolen, which makes them resistant to credential theft, phishing, and social engineering scams. As a result, broader support for passwordless sign-in options will make Google accounts more resistant to identity-based attacks.
“Passkeys are a more convenient and safer alternative to passwords,” Google software engineers Arnar Birgisson and Diana K. Smetters write in the official blog post. “Even the most savvy users are often misled into giving them up during phishing attempts.”
An exclusive invite-only evening of insights and networking, designed for senior enterprise executives overseeing data stacks and strategies.
Password-based security inefficient for modern enterprise
The release comes as the weaknesses of password-based security are becoming increasingly apparent, with hackers leaking more than 721 million passwords online last year. Vendors including Microsoft and Apple have committed to developing a common passwordless sign-in standard.
While existing technologies like multi-factor authentication (MFA) have helped to enhance online account security, they haven’t fully addressed the risk of credential theft due to their susceptibility to SIM swap attacks that hijack the SMS verification process, and the inconvenience of adding additional authentication steps for end users.
Passwordless login options like passkeys that enable users to log in with biometric data provide a user-friendly alternative that decreases the likelihood of a successful account takeover attempt.
VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Discover our Briefings.