Google has announced that passkeys, touted by the tech giant as the “beginning of the end” for passwords, are becoming the default sign-in method for all users. From a report: Passkeys are a phishing-resistant alternative to passwords that allow users to sign into accounts using the same biometrics or PINs they use to unlock their devices, or with a physical security key. This removes the need for users to rely on the traditional username-password combination, which has long been susceptible to phishing, credential stuffing attacks, keylogger malware, or simply being forgotten. While security technologies multi-factor authentication and password managers add an extra layer of security to password-protected accounts, they are not without flaws. Authentication codes sent via text messages can be intercepted by attackers, for example, and password managers can (and have been) hacked.
