Sunday , July 20 2025

Google rolls out passkey support across accounts on all major platforms

Google has begun rolling out support for passkeys across Google Accounts on all major platforms, adding a new sign-in option that can be used alongside passwords and two-step verification. The tech giant announced passkey availability on the eve of World Password Day as it looks to introduce more secure, reliable sign-in options.

The rollout comes in the wake of Google updates on bringing passkey experiences to both Chrome and Android, as well as tech industry support for a common passwordless sign-in standard created by the FIDO Alliance and the World Wide Web Consortium.

HPE alerts of hardcoded passwords in Aruba access points

Hewlett-Packard Enterprise (HPE) warns that Aruba Instant On Access Points have hardcoded credentials, enabling attackers to skip normal authentication and...
Read More
HPE alerts of hardcoded passwords in Aruba access points

Akira Ransomware Allegedly Compromise 12 Companies in 72 Hours

The Akira ransomware group increased its attacks, adding 12 new victims to its dark web portal from July 15 to...
Read More
Akira Ransomware Allegedly Compromise 12 Companies in 72 Hours

Singapore urgently engage military force to tackle ‘serious’ cyberattack

Defence Minister Chan Chun Sing said these select units will work with the Cyber Security Agency (CSA) in a united...
Read More
Singapore urgently engage military force to tackle ‘serious’ cyberattack

Hackers infect 10M Androids with BADBOX 2.0

Google is suing 25 unidentified cybercriminals thought to be from China for running BADBOX 2.0, a major global botnet with...
Read More
Hackers infect 10M Androids with BADBOX 2.0

Oracle Patched 200 Vulns With July 2025 CPU

Oracle's July 2025 Critical Patch Update includes 309 new security patches, with 127 addressing remotely exploitable vulnerabilities. SecurityWeek found about...
Read More
Oracle Patched 200 Vulns With July 2025 CPU

Ivanti Zero-Days Exploited to Drop MDifyLoader

Cybersecurity researchers have revealed a new malware named MDifyLoader, linked to cyber attacks using security vulnerabilities in Ivanti Connect Secure...
Read More
Ivanti Zero-Days Exploited to Drop MDifyLoader

CISA added Fortinet FortiWeb vul to KEV catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a crucial vulnerability in Fortinet FortiWeb in its Known Exploited Vulnerabilities...
Read More
CISA added Fortinet FortiWeb vul  to KEV catalog

Adoption Agency Exposes One Million+ Records

Security researcher Jeremiah Fowler discovered an online database exposing sensitive information from an adoption agency. Jeremiah Fowler Jeremiah specializes in...
Read More
Adoption Agency Exposes One Million+ Records

CVE-2025-20337
Patch Now! Cisco ISE bug allows pre-auth command execution

A critical vulnerability in Cisco Identity Services Engine (ISE) and Cisco ISE-PIC, identified as CVE-2025-20337, has a CVSS score of...
Read More
CVE-2025-20337  Patch Now! Cisco ISE bug allows pre-auth command execution

BD Bank Honours PABC Officials for Foiling $20 Million Cyber Fraud Attempt

On Tuesday, Bangladesh Bank organized a special award ceremony at its headquarters in Dhaka to formally recognize and honor a...
Read More
BD Bank Honours PABC Officials for Foiling $20 Million Cyber Fraud Attempt

Passkeys are a form of passwordless authentication that look set to become a key part of security. Passkeys represent a more secure authentication foundation for enterprise security, and although they are not foolproof, they are far more reliable than passwords for customers, employees, and partners.

Passkeys for Google Accounts are available now and can be set up easily, according to Google. For Google Workspace accounts, administrators will soon have the option to enable passkeys for their end-users during sign-in. Passwords and two-step authentication will still work for Google Accounts, the firm said.

Password-reliant authentication a major security problem for businesses

Password-only authentication is one of the biggest security problems businesses face. Poor password hygiene, reuse, weak and stolen credentials have plagued organizations for years, exposing them to significant threats and attacks including account takeovers, data breaches, and stolen identities.

The industry has sought alternative, more secure means of authentication for some time, with passkeys central to many recent efforts being made. Passkeys are an approach to authentication that is multifactor, with an emphasis on the device as a first factor. By uniting the device with another factor, passkeys evolve past the “what you know” style of security represented by passwords to a “what you possess and what you know” approach.

Passkeys resistant to phishing attacks, but not foolproof

“Unlike passwords, passkeys are resistant to online attacks like phishing, making them more secure than things like SMS one-time codes,” read a Google posting. Passkeys do offer several security benefits to businesses, chiefly because they are cryptographic keys, removing the issue of weak passwords. They do not share vulnerable information, so many password attack vectors are eliminated, and they are resistant to phishing and other social engineering attacks, too. The passkey infrastructure itself negotiates the verification process and isn’t fooled by a good fake website, which eradicates accidentally typing a password into the wrong form.

However, passkeys are not foolproof. Enterprise security concerns include ensuring that employees and others follow policy for the security of devices used with passkeys. Furthermore, passkey recovery can be an issue if a device is lost, stolen, or destroyed. The process requires re-requesting a passkey from each service. On the plus side, a stolen device is not a security vulnerability as the device itself must be unlocked to gain access to the passkey.

Check Also

AMD

AMD discloses 4 new CPU flaws Affecting Many CPUs

AMD has revealed four new vulnerabilities that could enable attackers to access sensitive data via …

Leave a Reply

Your email address will not be published. Required fields are marked *