#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News

Passkeys | Breaking Cybersecurity News | The Hacker News

Category — Passkeys
Google Chrome's Built-in Manager Lets Users Update Breached Passwords with One Click

Google Chrome's Built-in Manager Lets Users Update Breached Passwords with One Click

May 21, 2025 Data Breach / Account Security
Google has announced a new feature in its Chrome browser that lets its built-in Password Manager automatically change a user's password when it detects the credentials to be compromised. "When Chrome detects a compromised password during sign in, Google Password Manager prompts the user with an option to fix it automatically," Google's Ashima Arora, Chirag Desai, and Eiji Kitamura said . "On supported websites, Chrome can generate a strong replacement and update the password for the user automatically." The feature builds upon Password Manager 's existing capabilities to generate strong passwords during sign-up and flag credentials that have been detected in a data breach. Google told The Hacker News the feature hasn't been formally launched for end users, and that it's mainly geared towards developers so they can optimize their websites for once the feature launches. With the automated password change, Google said the idea is to reduce fric...
Microsoft Sets Passkeys Default for New Accounts; 15 Billion Users Gain Passwordless Support

Microsoft Sets Passkeys Default for New Accounts; 15 Billion Users Gain Passwordless Support

May 02, 2025 Password Security / Windows
A year after Microsoft announced passkeys support for consumer accounts, the tech giant has announced a big change that pushes individuals signing up for new accounts to use the phishing-resistant authentication method by default. "Brand new Microsoft accounts will now be 'passwordless by default,'" Microsoft's Joy Chik and Vasu Jakkal said . "New users will have several passwordless options for signing into their account and they'll never need to enroll a password. Existing users can visit their account settings to delete their password." The Windows maker said it has also simplified the sign-in and sign-up user experience by prioritizing passwordless methods. Furthermore, the sign-in process now automatically detects the best available method on a user's account and sets that as the default. For example, if an account has the option to sign in via a password and a "one time code," the user will be prompted to login via one time ...
Google's New Restore Credentials Tool Simplifies App Login After Android Migration

Google's New Restore Credentials Tool Simplifies App Login After Android Migration

Nov 25, 2024 Mobile Security / Privacy
Google has introduced a new feature called Restore Credentials to help users restore their account access to third-party apps securely after migrating to a new Android device. Part of Android's Credential Manager API , the feature aims to reduce the hassle of re-entering the login credentials for every app during the handset replacement. "With Restore Credentials, apps can seamlessly onboard users to their accounts on a new device after they restore their apps and data from their previous device," Google's Neelansh Sahai said . The tech giant said the process occurs automatically in the background when a user restores apps and data from a previous device, enabling apps to sign users back into the respective accounts without requiring any additional interaction. This is accomplished by means of what's called a restore key, which, in reality, is a public key that's compatible with FIDO2 standards such as passkeys. Thus when a user signs in to an app that...
cyber security

GenAI Security Best Practices Cheat Sheet

websiteWizCybersecurity / GenAI Security
Secure your GenAI systems fast with 7 must-know best practices to stop data poisoning, model theft, and more—plus ways AI can boost your defenses.
cyber security

Find the Coverage Gaps in Your Security Tools

websitePrelude SecurityContinuous Control Monitoring
Try Prelude free for 14 days to find gaps in your security tools, maximizing the controls you already have.
Chrome Users Can Now Sync Passkeys Across Devices with New Google PIN Feature

Chrome Users Can Now Sync Passkeys Across Devices with New Google PIN Feature

Sep 20, 2024 Encryption / Digital Security
Google on Thursday unveiled a Password Manager PIN to let Chrome web users sync their passkeys across Windows, macOS, Linux, ChromeOS, and Android devices. "This PIN adds an additional layer of security to ensure your passkeys are end-to-end encrypted and can't be accessed by anyone, not even Google," Chrome product manager Chirag Desai said . The PIN is a six-digit code by default, although it's also possible to create a longer alpha-numeric PIN by selecting "PIN options." This marks a change from the previous status quo where users could only save passkeys to save passkeys to Google Password Manager on Android. While the passkeys could be used on other platforms, it was necessary to scan a QR code using the device where they were generated. The latest change removes that step, making it a lot easier for users to sign in to online services using passkeys by simply scanning their biometrics. Google noted that support for iOS is expected to arrive soon...
Google Adds Passkeys to Advanced Protection Program for High-Risk Users

Google Adds Passkeys to Advanced Protection Program for High-Risk Users

Jul 10, 2024 Cybersecurity / Phishing Attack
Google on Wednesday announced that it's making available passkeys for high-risk users to enroll in its Advanced Protection Program ( APP ). "Users traditionally needed a physical security key for APP — now they can choose a passkey to secure their account," Shuvo Chatterjee, product lead of APP, said . Passkeys are considered a more secure and phishing-resistant alternative to passwords. Based on the FIDO Authentication standard, the technology is designed to secure online accounts against potential takeover attacks by ditching passwords in favor of biometrics or a PIN. Passkeys can simultaneously act as a first- and second-factor, entirely obviating the need for a password. Earlier this May, the tech giant revealed that passkeys are being used by over 400 million Google accounts. High-risk users , who are at an elevated exposure to cyber-attacks because of who they are and what they do (e.g., journalists, elected officials, political campaign staff, human rights ...
Google Announces Passkeys Adopted by Over 400 Million Accounts

Google Announces Passkeys Adopted by Over 400 Million Accounts

May 03, 2024 Passwordless / Encryption
Google on Thursday announced that passkeys are being used by over 400 million Google accounts, authenticating users more than 1 billion times  over the past two years . "Passkeys are easy to use and phishing resistant, only relying on a fingerprint, face scan or a pin making them 50% faster than passwords," Heather Adkins, vice president of security engineering at Google,  said . The search giant notes that passkeys are already used for authentication on Google Accounts more often than legacy forms of two-factor authentication, such as SMS one-time passwords (OTPs) and app based OTPs combined. In addition, the company said it's expanding  Cross-Account Protection , which alerts of suspicious events with third-party apps and services connected to a user's Google Account, to include more apps and services. Google is also expected to support the use of passkeys for high-risk users as part of its Advanced Protection Progr...
Expert Insights Articles Videos
Cybersecurity Resources