[go: up one dir, main page]
Skip to main content
The Keyword

Safety & Security

Passkeys, Cross-Account Protection and new ways we’re protecting your accounts

May 02, 2024

[[read-time]] min read

For World Password Day, we’re sharing updates to passkeys across our products and sharing more ways we’re keeping people safe online.

Heather Adkins
Heather Adkins
VP, Security Engineering
illustration of a smartphone with a lock on it and fingerprint icon

Passwords are often at the core of today’s major cybersecurity issues, which is why we’ve continued to create new authentication technology over the years. In 2022, for World Password Day, we launched passkeys. Today, we’re proud to announce that they have since been used to authenticate users more than 1 billion times across over 400 million Google Accounts.

We’re also excited to announce the expansion of our Cross-Account Protection program and new updates to passkeys.

Expanding Cross-Account Protection

We’re expanding Cross-Account Protection — our program for sharing security notifications, in a privacy-preserving way, with other companies that run the non-Google apps and services you use. This helps prevent cybercriminals from gaining a foothold in one of your accounts and using it to infiltrate others. We are currently protecting 2.4 billion accounts across 3.4 million apps and sites, and are growing our collaborations across the industry to keep billions of users safer online. It’s built on the Shared Signals Framework, which we helped create and launch in 2019, and in the coming year we’re expanding our partnerships and support for this program. Stay tuned for which of your favorite apps and services begin using Cross-Account Protection.

Passkeys reaches a milestone — and what’s next

In less than a year, passkeys have been used to authenticate people more than 1 billion times across over 400 million Google Accounts. Passkeys are easy to use and phishing resistant, only relying on a fingerprint, face scan or a pin making them 50% faster than passwords. In fact, on a daily basis passkeys are already used for authentication on Google Accounts more often than legacy forms of 2SV, such as SMS one-time passwords (OTPs) and app based OTPs (such as Authenticator apps) combined.

  • Passkeys for high risk users. We’ll soon support the use of passkeys to enroll in our strongest security offering, the Advanced Protection Program (APP). APP safeguards users who are at the highest risk of targeted attacks, including campaign workers and candidates, journalists, human rights workers, and more. APP traditionally required using hardware security keys as a second factor; but soon users can enroll in APP with any passkey in addition to their hardware security keys; or use their passkeys as a sole factor or along with a password. In a critical election year, we’ll be bringing this feature to our users who need it most, and continue to work with experts like Defending Digital Campaigns, the International Foundation for Electoral Systems, Asia Centre, Internews and Possible to help protect global high risk users.
  • More choice in where you store your passkeys. We are pleased to see independent password manager vendors, such as 1Password and Dashlane, now leveraging the passkeys management APIs on Android and other operating systems. This important milestone, together with the ability to store passkeys on security keys, will give users more control.
  • Growing industry support for passkeys. Since we launched passkeys we’ve seen our list of partners grow, strengthening security for people across platforms. In just the last 12 months, Amazon, 1Password, Dashlane, Docusign, Kayak, Mercari, Shopify and Yahoo! JAPAN have started rolling out passkeys, joining early adopters like eBay, Uber, PayPal and Whatsapp. In fact, Dashlane is seeing a 70% increase in conversion with passkeys and Kayak users are signing in 50% faster than before.
  • a card that says “With passkeys, our customers are finding it easier to sign in compared to passwords and codes.” - Amazon
  • a card that says “The advent of syncable passkeys was the catalyst that led Dashlane to go all in on passwordless technologies. Dashlane, Google, and other industry partners are continuously collaborating to enhance synced passkeys, for example, making it easier for users to securely migrate their passkeys if they switch providers along with many other upcoming enhancements.” - Dashlane
  • a card that says “Last year, KAYAK integrated passkeys into its Android, and other mobile and web apps. As a result, KAYAK reduced the average time it takes their users to sign-in by 50%, and also saw a decrease in support tickets.” - Kayak

Create a passkey for your Google Account today to benefit from these new protections and visit myaccount.google.com/safer to learn all the ways you’re Safer with Google.

POSTED IN:

Related stories

Let’s stay in touch. Get the latest news from Google in your inbox.

Subscribe