Apple, Google and Microsoft said Thursday that they want to get rid of passwords and replace them with a more secure way to access accounts or devices.
The tech titans in the United States have jointly announced their support for a common standard that will allow people to log in by unlocking their cell phones, for example, with fingerprint or facial recognition.
“The complete shift to a world without passwords will start with consumers making this a natural part of their lives,” said Alex Simons, vice president of Microsoft.
“Working together as a community across platforms gives us the ability to finally achieve this vision and make significant progress toward eliminating passwords.”
The reliance on passwords alone is seen as a major security flaw on the internet, as people tend to keep them too simple or use the same one repeatedly to make it easier to manage many accounts.
Adoption of the standards created by the FIDO Alliance and the World Wide Web Consortium will allow websites and device manufacturers to add secure, passwordless options to their products, the groups said in a statement.
Using strong keys instead of passwords would prevent phishing scams that trick people into revealing their login credentials and hackers that steal that data.
“Today is an important milestone in the security journey to encourage built-in security best practices and help us move beyond passwords,” said US Cybersecurity and Infrastructure Security Agency Director Jen Easterly.
Passwordless sign-in capability will be built into Android and Chrome software over the next year, Google chief product officer and FIDO Alliance president Sampath Srinivas said.
Apple and Microsoft have announced plans to do the same with their software.
“This will simplify logging into devices, websites and apps, regardless of platform – without the need for a single password,” Srinivas wrote in a blog post.
“When you sign in to a website or app on your phone, it will just unlock your phone.”
Cell phones will store a FIDO credential as a “passkey” to be used to unlock online accounts, Srinivas explained.
“To enter a web page on the computer, you will only need to have your phone nearby and you will simply be asked to unlock it in order to access it,” Srinivas said.
Eliminating passwords is seen as more secure than two-factor authentication, a process that involves sending one-time passwords via text message or email as secondary confirmation when signing in to sites or services. (YO)
Source: Eluniverso
Paul is a talented author and journalist with a passion for entertainment and general news. He currently works as a writer at the 247 News Agency, where he has established herself as a respected voice in the industry.
