searchtwitterarrow rightmail strokearrow leftmail solidfacebooklinkedinplusangle upmagazine plus
Help Net Security - Daily information security news with a focus on enterprise security.
Help Net Security - Daily information security news with a focus on enterprise security.
  • News
  • Features
  • Expert analysis
  • Videos
  • Events
  • Whitepapers
  • Industry news
  • Product showcase
  • Newsletters
Helga Labus
Helga Labus, Managing Editor, Help Net Security
June 5, 2023
Share

Google extends passkeys to Google Workspace accounts

After making passkeys available for consumers in early May, Google is now rolling them out for Google Workspace and Google Cloud accounts.

Google Workspace passkeys

This feature will soon be available (in open beta) for more than 9 million organizations and aims to provide users with a hassle-free sign-in experience without the need for traditional passwords.

“While users can still continue using passwords to sign in to their work and personal Google Accounts, passkeys can offer a simpler and more secure alternative and can reduce the impact of phishing and other social engineering attacks,” said Google’s Jeroen Kemperman and Shruti Kulkarni.

Why passkeys?

Passkeys offer a new method of authentication that simplifies the login process while enhancing security. Users can now sign in using their fingerprint, face recognition, or other screen-lock mechanisms on their phones, laptops, or desktops.

Passkeys do not require users to remember or type anything, eliminating the risk of forgotten, easily guessed or compromised-by-malware credentials. They also cannot be written down or accidentally shared, further enhancing security.

“Google early data (March – April 2023) has shown that passkeys are 2x faster and 4x less error prone than passwords,” researches noted.

Google reserach has also shown that passkeys provide a higher level of protection against automated bots, bulk phishing attacks, and targeted attacks compared to other traditional methods like SMS or app-based one-time passwords.

“Phishing-resistance of passkeys is why users who are at high risk of targeted attacks and enrolled in the Advanced Protection Program can now use passkeys in addition to physical security keys,” Kemperman and Kulkarni added.

Passkeys for Google Workspace

Google plans to gradually roll out passkeys for users and provide controls for Workspace administrators over the next few weeks.

“Administrators can allow users in their organizations to skip passwords at sign-in using a passkey. By default, this setting is off, which means that users can’t skip passwords during sign-in, but can still create and use passkeys as a 2-Step Verification (2SV) method,” they explained.

To protect users’ privacy and data, biometric data will never be transmitted to Google’s servers or any other websites and apps.

More about
  • account protection
  • authentication
  • Google
  • Google Cloud
  • Google Workspace
  • passwordless
Share this

Featured news

  • Zero-day in Arm GPU drivers exploited in targeted attacks (CVE-2023-4211)
  • Evolving conversations: Cybersecurity as a business risk
  • CISO’s compass: Mastering tech, inspiring teams, and confronting risk
Guide: SaaS Offboarding Checklist

Sponsored

eBook: 9 Ways to Secure Your Cloud App Dev Pipeline

Free entry-level cybersecurity training and certification exam

Guide: Attack Surface Management (ASM)

Don't miss

Zero-day in Arm GPU drivers exploited in targeted attacks (CVE-2023-4211)

Evolving conversations: Cybersecurity as a business risk

CISO’s compass: Mastering tech, inspiring teams, and confronting risk

GenAI in software surges despite risks

Chalk: Open-source software security and infrastructure visibility tool

Cybersecurity news
Help Net Security - Daily information security news with a focus on enterprise security.
© Copyright 1998-2023 by Help Net Security
Read our privacy policy | About us | Advertise
Follow us