
In Google's Advanced Protection Program (APP), multifactor authentication (MFA) works by requiring users to authenticate their identity using two or more factors. These factors include something the user knows (e.g., a password), something the user has (e.g., a security key stored on a physical device or a passkey stored on a device), and something the user is (e.g., biometric data like a fingerprint or facial recognition). This approach enhances security by ensuring that even if one factor is compromised, the account remains protected.

Passkeys are a new type of login credential that allows users to access online accounts without needing a password. They are based on public-key cryptography, where a public key is stored on the website's server and a private key is stored on the user's device. When logging in, users authenticate using biometrics or a device passcode, and the private key is used to grant access to the account, providing a more secure and user-friendly alternative to traditional passwords.

Google introduced the option to use passkeys as a more secure and convenient alternative to traditional passwords. Passkeys are stored locally on devices and are resistant to online attacks like phishing, making them more secure than methods such as SMS one-time codes. They can be unlocked with a fingerprint, face scan, or a PIN, offering a more user-friendly authentication method.
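The public-key login and the phishing resistance described in the two passkey paragraphs above can be seen in a simplified model of the exchange. This is an added example, not Google's code and not the full WebAuthn message format; the origins, function names and result strings are assumptions made for illustration.

```javascript
const nodeCrypto = require('node:crypto');

const RP_ORIGIN = 'https://accounts.example.test'; // constructed site origin (assumption)

// Registration: the device creates the key pair; the server only ever gets the public key.
function registerPasskey() {
  const { publicKey, privateKey } = nodeCrypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });
  return { device: { privateKey }, server: { publicKey } };
}

// Server: a fresh random challenge for every login attempt.
function newChallenge() {
  return nodeCrypto.randomBytes(32).toString('hex');
}

// Device: after the local fingerprint/face/PIN check, sign the challenge together
// with the origin the browser is actually on (the page cannot choose this value).
function signAssertion(device, challenge, browserOrigin) {
  const clientData = JSON.stringify({ type: 'webauthn.get', challenge, origin: browserOrigin });
  const signature = nodeCrypto.sign('sha256', Buffer.from(clientData), device.privateKey);
  return { clientData, signature };
}

// Server: check challenge and origin, then the signature with the stored public key.
function verifyAssertion(server, expectedChallenge, assertion) {
  let data;
  try { data = JSON.parse(assertion.clientData); } catch (e) { return 'malformed'; }
  if (data.type !== 'webauthn.get') return 'wrong-type';
  if (data.challenge !== expectedChallenge) return 'challenge-mismatch';
  if (data.origin !== RP_ORIGIN) return 'origin-mismatch';
  const ok = nodeCrypto.verify('sha256', Buffer.from(assertion.clientData), server.publicKey, assertion.signature);
  return ok ? 'ok' : 'bad-signature';
}

// Constructed scenario: one genuine login and three ways a login is rejected.
function demo() {
  const { device, server } = registerPasskey();
  const challenge = newChallenge();
  const genuine = signAssertion(device, challenge, RP_ORIGIN);
  const lookalike = signAssertion(device, challenge, 'https://accounts.example-login.test');
  const edited = { ...lookalike, clientData: genuine.clientData }; // origin rewritten after signing
  return {
    genuine: verifyAssertion(server, challenge, genuine),
    lookalike: verifyAssertion(server, challenge, lookalike),
    edited: verifyAssertion(server, challenge, edited),
    replayed: verifyAssertion(server, newChallenge(), genuine),
  };
}
console.log(demo());
```

Unlike an SMS one-time code, which is valid wherever it is typed, a response signed on a look-alike origin fails the server's origin check, and rewriting the origin afterwards invalidates the signature.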