Article Details
Scrape Timestamp (UTC): 2024-07-10 10:11:32.244
Source: https://thehackernews.com/2024/07/google-adds-passkeys-to-advanced.html
Original Article Text
Click to Toggle View
Google Adds Passkeys to Advanced Protection Program for High-Risk Users. Google on Wednesday announced that it's making available passkeys for high-risk users to enroll in its Advanced Protection Program (APP). "Users traditionally needed a physical security key for APP — now they can choose a passkey to secure their account," Shuvo Chatterjee, product lead of APP, said. Passkeys are considered a more secure and phishing-resistant alternative to passwords. Based on the FIDO Authentication standard, the technology is designed to secure online accounts against potential takeover attacks by ditching passwords in favor of biometrics or a PIN. Passkeys can simultaneously act as a first- and second-factor, entirely obviating the need for a password. Earlier this May, the tech giant revealed that passkeys are being used by over 400 million Google accounts. High-risk users, who are at an elevated exposure to cyber-attacks because of who they are and what they do (e.g., journalists, elected officials, political campaign staff, human rights workers, and business leaders), can check if they have a compatible device and browser and complete the enrollment process. "We also require you to add recovery options during enrollment (e.g. a phone number and email, or another passkey or security key), a combination of which will help you regain access to your account if you get locked out," Chatterjee said. Google further said it's partnering with Internews to provide journalists and human rights workers with security support. The program spans 10 countries, including Brazil, Mexico, and Poland. The development comes as Google said it intends to expand dark web reports to any user with a Google account starting later this month to check if their information has been leaked on the darknet. The feature was previously limited to Google One subscribers. "Dark web report will become available to all users with a consumer Google Account," it noted in a support document. "Dark web report is integrated with Results about you as a combined solution to help users protect their online presence."
Daily Brief Summary
Google has introduced the option of using passkeys for high-risk users under its Advanced Protection Program (APP), an upgrade from the traditional requirement of physical security keys.
Passkeys offer enhanced security by eliminating the need for passwords, using biometrics or PINs instead, making them phishing-resistant and robust against account takeover attempts.
The FIDO Authentication standard, which underpins the technology, allows passkeys to function as both first
and second-factor authentication tools.
As of May, over 400 million Google accounts have adopted passkeys, reflecting substantial uptake of this secure authentication method.
Users eligible for APP include individuals at high risk of cyber-attacks, such as journalists, elected officials, and human rights workers, who can now check compatibility and enroll using their devices and browsers.
Enrollment for the APP includes setting up recovery options such as additional phone numbers, emails, or alternative security measures, ensuring account accessibility if primary credentials are compromised.
Google is also extending its collaboration with Internews to offer security support to journalists and human rights advocates across 10 nations including Brazil, Mexico, and Poland.
Additionally, Google plans to extend its dark web monitoring services to all users with a Google account to help them check if their personal information has been compromised online; this service was previously limited to Google One subscribers.