Google announced a major security upgrade for its Advanced Protection Program (APP), allowing users to enroll with passkeys instead of hardware security keys.
Nearly 2 billion people use Gmail, making it a prime target for hackers. Google’s Advanced Protection Program, which offers the highest level of security, now allows users to enroll with passkeys instead of requiring hardware security keys. The change eliminates the need for a second-factor authentication method, making it easier for high-risk users like politicians, activists, and journalists to secure their accounts.
Shuvo Chatterjee, the product lead of Google’s Advanced Protection Program, stated, “Passkeys give high-risk users the option to rely on the ease and security that comes with using personal devices they already own, as opposed to another device or tool like a security key, for phishing-resistant authentication.”
Passkeys are a more secure and user-friendly authentication method compared to traditional passwords. They rely on biometrics (like fingerprints or facial recognition) or a PIN tied to the user’s device, eliminating the need for passwords and reducing the risk of phishing attacks.
Related: Steps to protect against phishing attacks
Introducing passkeys in Google’s APP is a significant step toward a passwordless future, enhancing security and user convenience. That move benefits high-risk users and sets a new standard for online security practices.
Google’s shift to passkeys in its Advanced Protection Program indicates the evolving landscape of cybersecurity. As digital threats increase, users will have to adopt more secure authentication methods. Users are encouraged to enroll in the APP to take advantage of these enhanced security measures.
Passkeys are more secure as they are tied to a user's device and use biometrics or PIN codes, making them resistant to phishing attacks and eliminating the need to remember or type passwords.
Yes, passkeys can be synchronized across devices signed in to the same Google account, providing seamless and secure access without having to set up each device separately.
Healthcare organizations can enhance cybersecurity by implementing strong access controls, regularly updating software, training staff on security best practices, and conducting regular risk assessments.