Security
Headlines
HeadlinesLatestCVEs

Headline

Google Adds Passkeys to Advanced Protection Program for High-Risk Users

Google on Wednesday announced that it’s making available passkeys for high-risk users to enroll in its Advanced Protection Program (APP). “Users traditionally needed a physical security key for APP — now they can choose a passkey to secure their account,” Shuvo Chatterjee, product lead of APP, said. Passkeys are considered a more secure and phishing-resistant alternative to passwords. Based on

The Hacker News
#web#google#auth#The Hacker News

Cybersecurity / Phishing Attack

Google on Wednesday announced that it’s making available passkeys for high-risk users to enroll in its Advanced Protection Program (APP).

“Users traditionally needed a physical security key for APP — now they can choose a passkey to secure their account,” Shuvo Chatterjee, product lead of APP, said.

Passkeys are considered a more secure and phishing-resistant alternative to passwords. Based on the FIDO Authentication standard, the technology is designed to secure online accounts against potential takeover attacks by ditching passwords in favor of biometrics or a PIN.

Passkeys can simultaneously act as a first- and second-factor, entirely obviating the need for a password. Earlier this May, the tech giant revealed that passkeys are being used by over 400 million Google accounts.

High-risk users, who are at an elevated exposure to cyber-attacks because of who they are and what they do (e.g., journalists, elected officials, political campaign staff, human rights workers, and business leaders), can check if they have a compatible device and browser and complete the enrollment process.

“We also require you to add recovery options during enrollment (e.g. a phone number and email, or another passkey or security key), a combination of which will help you regain access to your account if you get locked out,” Chatterjee said.

Google further said it’s partnering with Internews to provide journalists and human rights workers with security support. The program spans 10 countries, including Brazil, Mexico, and Poland.

The development comes as Google said it intends to expand dark web reports to any user with a Google account starting later this month to check if their information has been leaked on the darknet. The feature was previously limited to Google One subscribers.

“Dark web report will become available to all users with a consumer Google Account,” it noted in a support document. “Dark web report is integrated with Results about you as a combined solution to help users protect their online presence.”

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.

The Hacker News: Latest News

15,000+ Four-Faith Routers Exposed to New Exploit Due to Default Credentials