Some of the world’s largest technology companies have announced plans to permanently eliminate the need for passwords.
Apple, Google, and Microsoft are working together to significantly increase the availability of passwordless logins and instead set a common standard for implementing the widely used and convenient passwordless sign-in on all platforms. We are promoting it.
Created by the FIDO Alliance and the WorldWideWeb Consortium, this standard is a major step away from what is currently used for more secure logins, in addition to basic usernames and passwords. That is, two-factor authentication (for example, 2FA, which represents the second login step of the verification code sent by text message to your smartphone), or using an app such as a password manager.
FIDO authentication already facilitates passwordless sign-in on some websites and apps, but the big difference here is that it not only makes the process more widely adopted, but also end-to-end passwordless. It is to be safer with the option of.
This means that users no longer have to sign in to their first login on every website or app, every individual device to first enable passwordless access. Instead, the user simply unlocks the phone and logs in. Your account will be unlocked automatically using your usual methods, such as a fingerprint reader or PIN.
This means that if you are logged in to a website on your PC, all you need to do is have a smartphone. You can sign in to the site in your computer’s browser by unlocking the phone. That’s all (the phone stores the FIDO “passkey” used to access your account).
In short, you can forget that passwords were introduced in this new online world. If you have a site and service that supports it, all you need is your mobile phone and how to log in.
Analysis: Full deployment will take some time, but …
So when will this big step forward in security come about? The three tech giants say they plan to promote this on all major platforms by the end of next year.
For Google, this of course means Android and Chrome, Apple, macOS, iOS, Safari, Microsoft, Windows, Edge.
As a result, support for these more secure FIDO-based logins is significantly increased, and sign-in is streamlined and simplified by revoking passwords (and associated second-tier security such as 2FA).
As I mentioned earlier, this is not only convenience but also security. It’s not a secret how unstable traditional passwords are when people come up with passwords that are easy to remember. The password is easy to guess and can be reused many times.
Or, in fact, people are prey to something like a phishing scam that can extract usernames and passwords. Alternatively, details could be leaked online through a third-party data breach, not by their own negligence. Thankfully, all of these dangers are wiped out with this new passwordless approach.
Of course, this won’t happen right away. As mentioned earlier, support will work from the rest of the year to 2023 with the necessary effort to implement the system as well as the three major technology companies. Also, site and app developers.
So passwords won’t disappear overnight, but fortunately, with this announcement, password dates are fairly well numbered …