The federal government is making changes to enhance the security of myGov logins. 

Facial scans, fingerprints, or PINs will replace passwords and two-factor authentication for accessing federal government services, thanks to a new encrypted passkey system unveiled this week. 

This system, supported by industry giants like Apple, Google, and Microsoft, is meant to adhere to international standards, promising faster, easier, and more secure logins to websites and apps.

The changes to the myGov portal should spare users the hassle of remembering or recovering lost passwords. 

The move comes in response to an alarming rise in phishing and scam attempts targeting myGov logins. This year alone, over 6,000 unique myGov scams were detected, marking a tenfold increase from the previous year, according to Government Services Minister Bill Shorten.

Devices equipped with passkeys can identify and block fake phishing sites, potentially eliminating phishing and identity theft scams. 

Over 80 websites, including Amazon, Uber, TikTok, and Shopify, have adopted passkey technology, making myGov the first Australian government service to do so.

Users of the myGov app will have the option to forgo user ID and password access and rely on their device's preferred biometric or PIN. 

This shift is expected to reduce cyber data breaches, as website owners will not need to store user IDs and passwords.

The forthcoming national digital identification system will further bolster security by eliminating the need for website owners to store customer data. Each passkey is unique to the specific website, reducing the risk if identity credentials are compromised.

Google, Apple, and Microsoft have embedded this cryptology technology on most of their phones, making passkeys 40 per cent faster and highly secure. It also uses Bluetooth for unlocking websites on nearby personal devices.

“Passkeys will be introduced to bring myGov further into the twenty-first century, allowing Australians the ability to use biometric options such as facial recognition to access the site,” Mr Shorten said on Thursday in Sydney.

“These important sign-in alternatives are familiar to many Australians, and are a key safeguard against scammers who use phishing tactics to harvest personal information, like people’s date of birth to fraudulently access accounts.”

Shorten has appointed former NSW minister Victor Dominello to oversee the myGov service portal, leading the UNSW and University of Technology Trustworthy Digital Society Hub. He also chairs the ministerial digital ID expert panel, appointed by Finance Minister Katy Gallagher.