Google's passkeys, introduced in 2022, have become a popular and secure alternative to traditional passwords, being used over 1 billion times across 400 million-plus Google accounts. These passkeys, which rely on fingerprints, face scans, or PINs for authentication, are faster and more resistant to phishing than passwords. Google plans to integrate passkeys into its Advanced Protection Program, enhancing security for high-risk users. Additionally, third-party password managers like Dashlane and 1Password can now support passkeys, further expanding their use. The technology is supported by major companies like eBay, Uber, PayPal, and Amazon, indicating a shift towards passkey-based authentication as a more secure and efficient method.
Six legit-looking emails purporting to come from Dashlane for an "urgent deadline to confirm your information" in my inbox over the last couple of days. Not actually from #Dashlane. Have they leaked their users' emails?
cc @troyhunt@briankrebs@campuscodi
Welp, there goes the Dashlane Free people since they will not provide unlimited passwords and have a 25 password limit. Luckily I don't use Dashlane but would immediately transfer all my passwords out of it and then delete my account
What most ppl outside IT don't know about passwords:
Though no one targets you specifically, you still need a good password: attackers simply try common passwords & variants with all accounts and are often lucky.
While "needs to be random" is important, this rule is more important: "unique password for each site, no exceptions": attackers use leaks from site A and try your email & password on site B.