Google uses FIDO Authentication for both its employees and users.
On the employee side, there has not been a successful phishing attack against Google’s 85,000+ employees since requiring use of FIDO security keys.
On the user side, Google’s goal is to have as many users as possible on phishing-resistant authentication protocols, whether they utilize a security key, an on-device biometric authenticator, or a cryptographic handshake with the users’ mobile device.
In 2023, Google announced support for passkeys for its billions of consumer accounts and 9 million business accounts.
Resources
Article: The Verge: Google trials passwordless login across Workspace and Cloud accounts
Article: Wired: Google Is Rolling Out Password-Killing Tech to All Accounts
Authenticate 2020 Video: Web Authentication: Enterprise Features & Other Level 2 Additions
Case Study (2019): Defending Against Phishing
Case Study (2016): Google Security Keys Work
