58
Google pushing Gmail users to transition to passkeys using biometric data (archive.ph)
submitted 6 days ago by [email protected] to c/[email protected]
30 comments fedilink hide all child comments

Google warns “passwords are not only painful to maintain, but are also more prone to phishing and often leaked through data breaches.” And that’s the real issue. “It’s important to use tools that automatically secure your account and protect you from scams,” Google tells users, and that means upgrading account security now.

Google says “we want to move beyond passwords altogether, while keeping sign-ins as easy as possible.” That includes social sign ins, but mainly it means passkeys. “Passkeys are phishing-resistant and can log you in simply with the method you use to unlock your device (like your fingerprint or face ID) — no password required.”

This is just one of their excuses, to keep their users inside google's walled-garden

you are viewing a single comment's thread
view the rest of the comments
[-] [email protected] 14 points 6 days ago

They also push google oauth. If you're logging in to over a dozen sites with your google account, it becomes that much harder or at least more annoying to curate all of those. They're banking on people choosing convenience over security - and they'll be right.

[-] [email protected] 4 points 6 days ago

With passkeys you no longer need to use oauth at all since creating and using passkeys can be done more easily than creating a new password or using oauth. If you’re using Google services of course you’ll still log in with a Google account, but on example.com you can just create a new account with a passkey and never worry about oauth or passwords at all.

[-] [email protected] 1 points 4 days ago

the issue is portability. Should I use a password manager's passkey or the OS's. What about wanting to login with a passkey on a different machine with a different OS. Every implementation is trying to fight to be used. I don't remember them allowing multiple passkeys for login, do they?

Finally, if you really care, you don't want Google/Apple/Microsoft "cloud" to hold your keys when they offer it with their devices. For when your account gets whacked for no reason/device gets lost or stolen, or broken, all your "worry" will start worrying.

There's much to worry about unless you only ever use a single device.

[-] [email protected] 2 points 4 days ago

You use a password manager which integrates with all OSes. You don’t need to ever worry about creating multiple keys. I login to account on whatever device I want using 1Password. It can use a passkey no matter what, windows, Mac, iPhone, etc.

[-] [email protected] 1 points 4 days ago

Whoo-wait..nope-oooosh

this post was submitted on 08 Jun 2025
58 points (88.2% liked)

Privacy

2731 readers
244 users here now

Welcome! This is a community for all those who are interested in protecting their privacy.

Rules

PS: Don't be a smartass and try to game the system, we'll know if you're breaking the rules when we see it!

  1. Be civil and no prejudice
  2. Don't promote big-tech software
  3. No apathy and defeatism for privacy (i.e. "They already have my data, why bother?")
  4. No reposting of news that was already posted
  5. No crypto, blockchain, NFTs
  6. No Xitter links (if absolutely necessary, use xcancel)

Related communities:

Some of these are only vaguely related, but great communities.

founded 7 months ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]