this post was submitted on 08 Jun 2025
56 points (90.0% liked)

Privacy

2596 readers
135 users here now

Welcome! This is a community for all those who are interested in protecting their privacy.

Rules

PS: Don't be a smartass and try to game the system, we'll know if you're breaking the rules when we see it!

  1. Be civil and no prejudice
  2. Don't promote big-tech software
  3. No apathy and defeatism for privacy (i.e. "They already have my data, why bother?")
  4. No reposting of news that was already posted
  5. No crypto, blockchain, NFTs
  6. No Xitter links (if absolutely necessary, use xcancel)

Related communities:

Some of these are only vaguely related, but great communities.

founded 7 months ago
MODERATORS
fxomt@lemmy.dbzer0.com
otter@lemmy.ca
shaytan@lemmy.dbzer0.com
fxomt@piefed.social
56
Google pushing Gmail users to transition to passkeys using biometric data (archive.ph)
submitted 1 day ago by throws_lemy@lemmy.nz to c/privacy@lemmy.dbzer0.com
24 comments fedilink hide all child comments
 

Google warns “passwords are not only painful to maintain, but are also more prone to phishing and often leaked through data breaches.” And that’s the real issue. “It’s important to use tools that automatically secure your account and protect you from scams,” Google tells users, and that means upgrading account security now.

Google says “we want to move beyond passwords altogether, while keeping sign-ins as easy as possible.” That includes social sign ins, but mainly it means passkeys. “Passkeys are phishing-resistant and can log you in simply with the method you use to unlock your device (like your fingerprint or face ID) — no password required.”

This is just one of their excuses, to keep their users inside google's walled-garden

you are viewing a single comment's thread
view the rest of the comments
[–] adarza@lemmy.ca 0 points 1 day ago* (last edited 1 day ago) (1 children)

more like the garden of weeds is spreading out of control. they want passkeys and oauth so they can become the third-party gatekeeper for everything.

the want them tied to bio because your fingertip or face are harder to share with others, harder to fake, easier to track multiple accounts with, and are tied to real people and identities that can be linked with other data their databases all to make their data and targeted adverts more profitable.

[–] tyler@programming.dev 5 points 1 day ago

Passkeys have nothing to do with Google. They’re a standard compliant control mechanism designed to replace passwords. https://fidoalliance.org/passkeys/

Google doesn’t do anything with them besides store them exactly like they would your password. You authenticate using your device, which Google knows nothing about. The biometrics do not leave your device. https://www.passkeycentral.org/introduction-to-passkeys/passkey-security

Passkeys do not have to be biometric. You can use 1Password for example and not ever use fingerprints or anything biometric and still use passkeys to log in to services. It’s literally just a different better authentication method than passwords. You can still share passkeys through a password manager.

Literally everything you said is scaremongering and making it easier for scammers to take advantage of people. You should be switching to passkeys immediately.