Soon it will be ok to forget the password
Passwords are a hassle! If you use one to access many services you’re vulnerable and if you have zillions, you forget which one to use. Big tech companies are now finally on their way trying to find a solution. Google, Microsoft and Apple have all indicated that they will agree to a new standard that aims to solve the problem. With “Fast Identity Online”, the FIDO Alliance wants us to switch from password-based IDs to biometrics like fingerprints and face scans already used to unlock smartphones and laptops.
So, the question is now if users will agree to FIDO or will having your faced scanned multiple times per day be seen as too intrusive? The new FIDO standard will gradually introduced in the coming year.
The idea is that biometrics are safer and easier than for instance than the safe password alternative called two-factor authentication where you use both a password and for instance a smartphone to login to a site.
INTRUSIVE?
So, the question is now if users will agree to FIDO or will having your faced scanned multiple times per day be seen as too intrusive? The new FIDO standard will gradually introduced in the coming year.
“We plan to implement passwordless support for FIDO Sign-in standards in Android & Chrome”, Sampath Srinivas, Director, Secure Authentication, Google and President, FIDO Alliance writes in a blog post.
“Apple and Microsoft have also announced that they will offer support for their platforms. This will simplify sign-ins across devices, websites, and applications no matter the platform — without the need for a single password. These capabilities will be available over the course of the coming year.”
PASSKEY
“When you sign into a website or app on your phone, you will simply unlock your phone — your account won’t need a password anymore. Instead, your phone will store a FIDO credential called a passkey which is used to unlock your online account. The passkey makes signing in far more secure, as it’s based on public key cryptography and is only shown to your online account when you unlock your phone.”
“To sign into a website on your computer, you’ll just need your phone nearby and you’ll simply be prompted to unlock it for access. Once you’ve done this, you won’t need your phone again and you can sign in by just unlocking your computer. Even if you lose your phone, your passkeys will securely sync to your new phone from cloud backup, allowing you to pick up right where your old device left off.”
APPLAUDS
The FIDO (Fast IDentity Online) Alliance was formed in July 2012 to address the authentication issue. Hundreds of technology companies and service providers from around the world worked within the FIDO Alliance to create the passwordless sign-in standards. Apple, Google, and Microsoft have led development of this expanded set of capabilities and are now building support into their respective platforms.
“I applaud the commitment of our private sector partners to open standards that add flexibility for the service providers and a better user experience for customers,” said Jen Easterly, Director of the U.S. Cybersecurity and Infrastructure Security Agency. “At CISA, we are working to raise the cybersecurity baseline for all Americans. Today is an important milestone in the security journey to encourage built-in security best practices and help us move beyond passwords. Cyber is a team sport, and we’re pleased to continue our collaboration.”
“Just as we design our products to be intuitive and capable, we also design them to be private and secure,” said Kurt Knight, Apple’s Senior Director of Platform Product Marketing. “Working with the industry to establish new, more secure sign-in methods that offer better protection and eliminate the vulnerabilities of passwords is central to our commitment to building products that offer maximum security and a transparent user experience — all with the goal of keeping users’ personal information safe.”
OUTDATED
“This milestone is a testament to the collaborative work being done across the industry to increase protection and eliminate outdated password-based authentication,” said Mark Risher, Senior Director of Product Management, Google. “For Google, it represents nearly a decade of work we’ve done alongside FIDO, as part of our continued innovation towards a passwordless future. We look forward to making FIDO-based technology available across Chrome, ChromeOS, Android and other platforms, and encourage app and website developers to adopt it, so people around the world can safely move away from the risk and hassle of passwords.”
“The complete shift to a passwordless world will begin with consumers making it a natural part of their lives. Any viable solution must be safer, easier, and faster than the passwords and legacy multi-factor authentication methods used today,” says Alex Simons, Corporate Vice President, Identity Program Management at Microsoft. “By working together as a community across platforms, we can at last achieve this vision and make significant progress toward eliminating passwords. We see a bright future for FIDO-based credentials in both consumer and enterprise scenarios and will continue to build support across Microsoft apps and services.”
Moonshot News is an independent European news website for all IT, Media and Advertising professionals, powered by women and with a focus on driving the narrative for diversity, inclusion and gender equality in the industry.
Our mission is to provide top and unbiased information for all professionals and to make sure that women get their fair share of voice in the news and in the spotlight!
We produce original content, news articles, a curated calendar of industry events and a database of women IT, Media and Advertising associations.
