Ahead of the US presidential election, Google is introducing passkey support to Advanced Protection Programs (APP) used by people at high risk of targeted attacks, including campaign workers, candidates, journalists, and human rights activists. .
Traditionally, APPs required the use of hardware security keys, but users will soon be able to register with APPs using passkeys. Users can choose to use a passkey alone or in conjunction with a password or hardware security key.
“In a critical election year, we will continue to bring this capability to the users who need it most, working with experts such as Digital Campaign Advocacy, the International Electoral Systems Foundation, Asia Center, Internews, and Possible. ” said Heather Adkins, Google's vice president of security engineering, in a blog post.
Google says passkeys have been used more than 1 billion times to authenticate users across more than 400 million Google accounts since the company began supporting passkeys in 2022. Google says passkeys are used more frequently with Google Accounts than traditional forms of two-step verification. It is a combination of SMS one-time passwords and app-based one-time passwords.
Passkey login makes it difficult for a malicious attacker to remotely access your account because they also need physical access to your phone. Passkeys also eliminate the need to rely on username and password combinations, which can be phishable.
This technology has been adopted by many other companies, including Apple, Amazon, X (formerly Twitter), PayPal, WhatsApp, GitHub, and TikTok.
Google also announced that it is expanding its cross-account protection program, which shares security notifications about suspicious activity with third-party apps connected to your Google account. The company says this can prevent cybercriminals from gaining access to one of your accounts and using it to break into other accounts. Google says it protects 2.4 billion accounts across 3.4 million apps and sites and is expanding collaboration across industries.