Google launches passkeys for Workspace
Google launched an open beta feature on June 5 that lets individuals and organizations log in to Workspace with public and private encrypted passkeys.
Google validated the virtues of passkey authentication technology on Monday with an open beta version of passkey access that allows people and organizations around the world to sign into their Google Workspaces using passkeys. Google reports that nine million organizations now use Workspace.
Google is in step with many other companies in moving away from passwords and toward public/private encrypted credentials — based on FIDO standards (called FIDO2) — that are resistant to phishing exploits.
The company said passkeys will pair with on-device biometrics such as fingerprints and facial recognition. Passkeys are browser-agnostic and allow for authentication across devices. Google said its data from last spring shows passkeys are two times faster and four times less error-prone than passwords.
With public/private key pairs, the basis of the cryptographic system that allows password-free logins, the private key lives on the user’s device and cannot be used unless the user has unlocked the device. While the private key is stored on the device, a public key is uploaded to Google.
Google — along with Microsoft, Apple and others — announced last year that it would start to support passkeys and participate in their development with the Fast Identity Online Alliance, better known as the FIDO Alliance, and the World Wide Web Consortium standards.
At last year’s Worldwide Developers Conference, Apple announced it would be integrating passkey support into its next version of iOS this fall. This year, ahead of World Password Day, Google, Microsoft and Apple all reaffirmed their support for passkeys, with Google doing so across Google Accounts on all major platforms.
SEE: RIP passwords; tech giants roll out passkey capabilities ahead of World Password Day (TechRepublic).
“Passkeys introduce meaningful security and usability benefits to users, and we’re thrilled to be the first major public cloud provider to bring this technology to our customers — from small businesses and large enterprises to schools and governments,” said the company in a statement.
Identity access management companies are retooling to support passkeys. As TechRepublic reported last week, 1Password began allowing passkey support using its browser tool and will soon allow passkey access to 1Password vaults. At the RSA conference this year, 1Password CEO Jeff Shiner said that he foresaw that Google’s move to a passwordless system would constitute a sea-change moment for the industry.
Cisco’s Duo authentication platform is introducing a number of passkey-based features, and in August, Dashlane introduced integrated passkey support in its security-first password manager and unveiled the first in-browser passkey solution.
At the RSA conference in April, Iva Blazina Vukelja, the vice president of product at Zero Trust at Duo, said companies are very ready to shift away from passwords.
“There are two big reasons to go passwordless,” she said. “Friction for corporate end users is a big one. When we started doing private previews and rolled out passkey authentication out to a limited set of end users, we got feedback saying it was 75% less annoying than any other authentication methods. ‘Please roll it out,’ is what they said. End users love it.”
Rew Islam, the director of product engineering and innovation at Dashlane, which is part of the W3C working group for WebAuthn, pointed out that the underlying technology for public/private keys has been around for many years. However, the key event that made the migration to passkeys possible was the industry coming together to agree on a standard, “especially the big three platforms,” he said, adding that passkeys can be managed today in Dashlane using a Chromium-based extension. “We’ve had that since last summer,” he said. “We’re waiting for Android 14, and our app is ready for it.”
When a user creates a passkey on a shared device, by default, anyone who can use that device can also log in to that user’s account using the public/private key handshake, since they would presumably have an enabled biometric sign-on to the device. Islam said this could introduce a problem with where the keys of individuals sharing that device reside.
“Can people access the keys of others on that shared device? I think there will eventually be solutions to this issue, but it’s not obvious how, let’s say, a family manages their passkeys if they’re sharing a Mac unless they’re maintaining separate user accounts on the actual operating system itself,” he said.
Google said if one loses a device with a passkey for a Google account and worries that the device can be unlocked, they can immediately revoke the passkey in account settings.
Okta last fall announced it was rolling out a passkey management feature that allows admins to block passkeys for new enrollments at an organizational level. This feature addresses a key problem for enterprises using passkeys: authorized users who sign on with an unmanaged device.
Mukul Hinge, the group product marketing manager of workforce identity at Okta, explained the feature in a blog post that offers a good overview of passkeys and the FIDO standards that enable them. He said the feature for Okta Classic and Okta Identity Engine prohibits a user from enrolling with a multi-device FIDO credential and preempts any potential risks of unmanaged and insecure devices accessing sensitive applications.
He explained that one could access sensitive applications with, for example, an unmanaged iPad using an older, vulnerable version of iOS that does not conform to the security posture requirements of the organization. “This is a serious security vulnerability. From an admin standpoint, this needs to be addressed immediately,” he said.
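One way a relying party could enforce a "no multi-device credentials" enrollment policy like the one described above is to inspect the backup-eligible flag in the WebAuthn authenticator data. This is an added example, not Okta's code or code from the article; the RP ID `example.com`, the function names and the sample bytes are constructed for illustration, and it assumes the attestation object has already been decoded and verified elsewhere.

```python
import hashlib
import struct

# Flag bits in the WebAuthn authenticator data "flags" byte.
FLAG_UP = 0x01  # user present
FLAG_UV = 0x04  # user verified (biometric or device PIN)
FLAG_BE = 0x08  # backup eligible: the credential may sync across devices
FLAG_BS = 0x10  # backup state: the credential is currently backed up


def parse_authenticator_data(auth_data: bytes) -> dict:
    """Split the fixed 37-byte header: rpIdHash (32) | flags (1) | signCount (4)."""
    if len(auth_data) < 37:
        raise ValueError("authenticator data shorter than 37 bytes")
    flags, sign_count = struct.unpack(">BI", auth_data[32:37])
    return {"rp_id_hash": auth_data[:32], "flags": flags, "sign_count": sign_count}


def enrollment_decision(auth_data: bytes, expected_rp_id: str,
                        allow_multi_device: bool) -> str:
    """Return 'accept' or a 'reject: ...' reason for a new passkey enrollment."""
    parsed = parse_authenticator_data(auth_data)
    # The credential is scoped to one RP ID; a hash for another site is refused.
    if parsed["rp_id_hash"] != hashlib.sha256(expected_rp_id.encode()).digest():
        return "reject: rpIdHash mismatch"
    flags = parsed["flags"]
    if not (flags & FLAG_UP and flags & FLAG_UV):
        return "reject: user presence and verification required"
    if flags & FLAG_BS and not flags & FLAG_BE:
        return "reject: backed up but not backup eligible (invalid flags)"
    if flags & FLAG_BE and not allow_multi_device:
        return "reject: multi-device credential blocked by policy"
    return "accept"


def make_sample(rp_id: str, flags: int, sign_count: int = 0) -> bytes:
    """Build constructed authenticator data (header only) for testing."""
    return hashlib.sha256(rp_id.encode()).digest() + struct.pack(">BI", flags, sign_count)
```
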
Some platforms, like Apple, allow users to access accounts using a single passkey. For Apple, iCloud accounts allow the sharing of passkeys across various Apple devices, the point being that if one loses a device, they can access an account with passkeys on one of their other Apple devices.