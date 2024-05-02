



Kelly Wang/ZDNET

Today is World Password Day, and Google wants you to know that your passwords are about to expire.

A passkey consists of two cryptographic keys: a public key that is registered with an online service or app, and a private key that is stored on a device such as a smartphone or computer. Although it may sound complicated, passkeys are designed to be easy to use. In fact, you can log in with a passkey in much the same way you unlock your smartphone: with your face, fingerprint, or PIN.

Heather Adkins, vice president of security engineering at Google, said in a blog post today that more than 400 million Google accounts have been protected with passkeys since Google introduced passkeys on World Password Day 2022. Announced. In addition, these users logged more than 1 billion total authentications, demonstrating the increasing adoption and use of this relatively new security feature.

In fact, the use of Google Account passkeys goes beyond traditional forms of two-step verification (2SV), including SMS-based one-time passwords (OTPs) and app-based OTPs (such as those used in the Authenticator app). Masu. According to Google, passkey users experience 50% faster login times than users who use passwords, increasing both the security and efficiency of the authentication process.

Google also announced plans to integrate passkeys into its Advanced Protection Program (APP), which provides enhanced security measures for high-risk Google account users such as activists, politicians, and journalists. Users enrolled in the program will soon be able to choose between using passkeys alone or in conjunction with traditional passwords and hardware security keys.

This integration is an important step in strengthening security while maintaining convenience for users who are at increased risk of targeted attacks.

So what's stopping everyone from adopting passkeys?

For years, creating complex passwords has been emphasized as the best line of defense for protecting your digital accounts. Now people are confused and wondering what has changed. It's hard to understand that the digital security landscape is constantly evolving, and with it, the strategies for securing access to online information.

Passkeys offer a new, more streamlined, and more secure approach to security, greatly reducing the risk of phishing and eliminating the need to remember and manage multiple passwords, but It's difficult to convey to users.

The transition from traditional passwords to passkeys certainly brings its own set of challenges. Especially because of the abstract nature of passkeys compared to the concrete and familiar form of passwords. Passkeys can seem daunting due to their complexity, requiring interaction with on-screen prompts, QR codes, and device-based authentication. Simply telling users that they can log in to your site in half the time isn't enough to encourage many users to switch to your site.

Passwords are far from obsolete, but it looks like we'll be celebrating World Password Day for years to come.

