Passwords can be easily accessed. A reason why an increasing number of techno companies introduced two factor authorisation for login. And now in a joint effort to make the web more secure and usable for all, Apple, Google and Microsoft plan to expand support for a common passwordless sign-in standard which has been created by the FIDO Alliance and the World Wide Web Consortium.
Passwordless authentication is a form of multi-factor authentication that replaces the password with a secure alternative.
Be it signing into a social media account, mobile banking, or our workplace, all our online accounts require a username and password. As creating a new, different password for every type of account is kind of a challenge, most of us end up reusing passwords across accounts. According to a study by Ponemon Institute, people reuse an average of five total passwords, both business and personal. This means a single compromised password can create a chain reaction of liability. This joint effort between the tech majors will offer faster, easier and more secure sign-ins across websites and apps across devices and platforms for customers.
While password managers and legacy forms of two-factor authentication offer incremental improvements, there has been industry-wide collaboration to create sign-in technology that is more convenient and more secure. According to the information available on FIDO Alliance, the expanded standards-based capabilities will give websites and apps the ability to offer an end-to-end passwordless option. Users will sign in through the same action that they take multiple times each day to unlock their devices, such as a simple verification of their fingerprint or face, or a device PIN. This new approach protects against phishing and sign-in will be radically more secure when compared to passwords and legacy multi-factor technologies such as one-time passcodes sent over SMS.
“Just as we design our products to be intuitive and capable, we also design them to be private and secure. Working with the industry to establish new, more secure sign-in methods that offer better protection and eliminate the vulnerabilities of passwords is central to our commitment to building products that offer maximum security and a transparent user experience — all with the goal of keeping users’ personal information safe,” said Kurt Knight, Apple’s Senior Director of Platform Product Marketing.
“The complete shift to a passwordless world will begin with consumers making it a natural part of their lives. Any viable solution must be safer, easier, and faster than the passwords and legacy multi-factor authentication methods used today,” says Alex Simons, Corporate Vice President, Identity Program Management at Microsoft. Been offering passwordless login expertise to its employees and enterprises, In September last year, Microsoft allowed consumers to completely remove the password from their Microsoft account.
Apple, Google, and Microsoft have led development of this expanded set of capabilities and are now building support into their respective platforms.
In addition to facilitating a better user experience, the broad support of this standards-based approach will enable service providers to offer FIDO credentials without needing passwords as an alternative sign-in or account recovery method. These new capabilities are expected to become available across Apple, Google, and Microsoft platforms over the course of the coming year.
“Ubiquity and usability are critical to seeing multi-factor authentication adopted at scale, and we applaud Apple, Google, and Microsoft for helping make this objective a reality by committing to support this user-friendly innovation in their platforms and products,” said Andrew Shikiar, executive director and CMO of the FIDO Alliance. “This new capability stands to usher in a new wave of low-friction FIDO implementations alongside the ongoing and growing utilisation of security keys — giving service providers a full range of options for deploying modern, phishing-resistant authentication,” he added.
Copyright©2023 Living Media India Limited. For reprint rights: Syndications Today