Powered by MOMENTUM MEDIA
lawyers weekly logo

Powered by MOMENTUMMEDIA

Breaking news and updates daily. Subscribe to our Newsletter
Advertisement

Over 200k myGov users ditch passwords for passkeys

Following the rollout of a new authentication method, over 200,000 myGov users have switched from passwords to passkeys.

user icon Daniel Croft
Fri, 14 Mar 2025
Over 200k myGov users ditch passwords for passkeys
expand image

Launched on 30 June 2024, the new authentication method was designed to create phishing-resistant credentials and prevent threat actors from getting into victim myGov accounts.

Now, a new report published by the Digital Transformation Agency has revealed that, with the new solution, over 500,000 had enabled passkeys and over 200,000 had also disabled their passwords.

“Passkeys use the latest in cryptographic keypair technology and are simple to set up and use with a myGov account,” the report said.

“Using a passkey and disabling a password makes myGov accounts resistant to phishing attacks because the passkey only works with the website or app it is created on, which means it will not work on a phishing website.“

Passkeys work using the biometric data of a device or make use of a PIN or other form of verification. They can also be physical authentication, such as with a USB drive.

The report also revealed that the passkey initiative cost $5.6 million, with $3.3 million going towards the project’s development, testing and implementation.

The passkey project was first proposed by former government services minister Bill Shorten in 2023, making myGov “one of the first digital government services in the world to implement passkeys”, according to the report.

In a statement at the time, Shorten said that “passkeys will be introduced to bring myGov further into the 21st century, allowing Australians the ability to use biometric options such as facial recognition to access the site”.

“These important sign-in alternatives are familiar to many Australians and are a key safeguard against scammers who use phishing tactics to harvest personal information like people’s date of birth to fraudulently access accounts,” he said.

Daniel Croft

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.
You need to be a member to post comments. Become a member for free today!

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.