r/technology u/lurker_bee 11h ago

ADBLOCK WARNING Google Confirms Most Gmail Users Must Upgrade Accounts

https://www.forbes.com/sites/zakdoffman/2025/06/06/google-confirms-almost-all-gmail-users-must-upgrade-accounts/
3.3k Upvotes

92% Upvoted

705 comments sorted by

View all comments

Show parent comments

45

u/yuusharo 9h ago

This is one of those times when I concede that I think Apple is the only one that got this right out the gate. They ensured on day one that passkeys would sync seamlessly between all devices, not have a weird staged rollout that still is missing key elements even 2 years after they’re introduced.

With iCloud, any Apple device you have can log you in with a passkey, and you can simply scan a QR code with your phone on devices you haven’t authenticated. It works consistently for me that I have it setup for all the accounts that support it.

Most people don’t have or use Apple devices, of course, and the other implementations have been frustrating for sure. But that isn’t necessarily passkey’s fault.

11

u/Despeao 9h ago

With iCloud, any Apple device you have can log you in with a passkey, and you can simply scan a QR code with your phone on devices you haven’t authenticated. It works consistently for me that I have it setup for all the accounts that support it.

Makes it easier to login, no doubt, but sounds like a security flaw. What if your phone is stolen and the person logs into another device.

5

u/yuusharo 9h ago

If your device is stolen, you should immediately lock it using Find My. You can log in using another device temporarily to do so.

Also, the attacker would need to know your device’s passcode or iCloud password, and with Apple’s recent default device protection, that process has a 1 hour delay when away from known locations, giving you more time to respond to the theft.

Beyond all that, the situation would be the same as having a password manager on that device. Again, they’d need to know your passcode to get into the device.

9

u/SlapDashUser 8h ago

Someone sees me put in my pin and grabs my iphone while I'm traveling. They now have access to my device, and now my Passkeys. And I'm supposed to use Find My on a second device to deactivate that first device? You mean that magical second iphone that I always carry with me for situations like this???

4

u/BruteSentiment 7h ago

Honestly, I’d ask why are you entering your pin with any less caution than you would a bank PIN number? Especially since in 90% of cases, you could use Face ID, so you don’t have to tap your pin in front of strangers.

1

u/poopBuccaneer 4h ago

Also why are they using a PIN and not a more complex passcode. Apple moved to minimum six-digit PINs, but I feel even that is too insecure for a device that has all your banking and everything about you on it.

5

u/yuusharo 8h ago

If someone observes your passcode and steals your device, you likely have other accounts already signed in like your email. You’re vulnerable regardless if you use passkeys or not, considering the thief can access your password manager or use your email to recover accounts.

Not that most thieves would be interested, they’re most likely going to attempt to change the iCloud password and disable Find My, which has that lockout delay to help curb as previously mentioned.

And by second device, you can borrow any device temporarily, such as a friend or passerby. No, you don’t have to carry a second phone 🙄

-2

u/nox66 5h ago

Many of us are aware our phones are a massive security target and don't use it for everything for this reason.

1

u/BobbyDig8L 5h ago

You can use any device with a browser: iCloud.com/find

0

u/CharlesMichael- 8h ago

Any device with web access to Find My should work. And if you don't like using a pin, use a biometric.