Google Enhances Security for High-Risk Users with Passkeys
Google has taken a significant step in bolstering online security. The tech giant has introduced passkeys for high-risk users enrolling in its Advanced Protection Program (APP). This move aims to provide the strongest level of account security available.
The Advanced Protection Program is a free service. It targets users who face a higher risk of online attacks. These users include activists, journalists, business leaders, and political teams. The APP offers robust protection against unauthorized access attempts. It also guards against phishing attacks, malicious apps, and data theft.
Passkeys represent a new approach to account security. They are tied to specific devices like computers, tablets, or smartphones. Passkeys work locally on these devices. This makes them a more secure option than traditional passwords. They significantly reduce the risk of data breaches.
Users can access their accounts using various methods with passkeys. These include biometric sensors, PINs, hardware security keys, or screen lock patterns. Creating a passkey is simple. Users can do it by visiting Google’s dedicated page and clicking the “Get passkeys” button.
Shuvo Chatterjee, Product Lead of Google’s Advanced Protection Program, explained the change. He said that previously, users needed two physical security keys to enroll in APP. This requirement posed challenges for some users. Passkeys now offer a more accessible solution. They allow high-risk users to rely on devices they already own for secure authentication.
To enroll in APP using a passkey, users need a compatible device and browser. The enrollment process involves a few simple steps. Users visit the APP enrollment page, click “Get started,” and follow the on-screen instructions. They can choose to enroll with either a passkey or a physical security key.
Google has also implemented a recovery option during APP enrollment. This ensures users can regain access if they get locked out. Recovery options include a phone number, email, or another passkey or security key.
This update is part of Google’s broader push towards passwordless authentication. In October, Google made passkeys the default sign-in method for all personal accounts. Earlier, in May 2023, the company introduced passwordless sign-in support for all Google accounts. Google also added passkey support to Chrome and Android in October 2022.
The introduction of passkeys for high-risk users marks a significant advancement in online security. It offers a more accessible and robust protection method for those most vulnerable to cyber attacks. As online threats continue to evolve, such innovations play a crucial role in safeguarding digital identities and sensitive information.
