As part of World Password Day (yes, that’s a thing), Google touts its security achievements and shares updates on its latest endeavors. The company revealed password acceptance metrics for the first time and said they were used more than one billion times by 400 million Google accounts. “Since launch, passkeys have proven to be faster than passwords because they require users to simply unlock their device using a fingerprint, face scan, or pin to sign in,” Google wrote.

The company launched broad support for passwords in 2022 and rolled them out across its services a year ago. In the past 12 months, the technology has been adopted by Amazon, 1Password, Dashlane, Docusign and others, joining the likes of eBay, PayPal and WhatsApp. Google boasted that the technology helped Kayak users sign in 50 percent faster and said Dashlane saw a 70 percent increase in conversions with passwords.

Google will soon extend passwords to users at highest risk of targeted attacks as part of its Advanced Protection Program (APP). This offer is aimed at individuals, including workers and candidates, journalists, human rights activists and others, according to the company.

“APP registration has traditionally required the use of hardware security keys as a second factor, but users will soon have the option to register with a random access key in addition to using their hardware security keys,” Google wrote. “This enhanced password support will help lower the barrier to entry into APPs while providing phishing-resistant authentication… [and] it comes during a critical election year.”

It also extends Cross-Account Protection to protect users across multiple platforms. This system allows Google to share security notifications about a suspicious event with non-Google apps and services. “This is a critical advantage as cybercriminals often use an initial entry point as a foothold to gain access to more of your information.”

Google offers create an access key so your account can take advantage of the new protections. In the meantime, practice good password hygiene by using long passwords with a mix of characters, numbers, and symbols, implementing two-factor authentication (2FA), never recycling passwords, and more. According to HIPAAattackers can crack a simple 8-digit password in just 37 seconds, but it takes 19 quadrillion years to crack an 18-digit cipher with a mix of numbers, uppercase and lowercase letters, and symbols.

https://www.engadget.com/google-says-its-secure-entry-passkeys-have-been-used-a-billion-times-120001230.html?src=rss