Microsoft, Apple and Google are ramping up their drive to do away with passwords. All three have been long-time supporters of getting rid of passwords and that drive has now moved a step closer. In fact, all three are planning to implement alternatives to passwords within the next year.
They are backing the FIDO Alliance and World Wide Web Consortium (W3C) standards to switch to alternative logins. Those logins include PIN codes, like Windows 10 has already, fingerprint or face scans, like most phones have.
It is hoped that a standardized login method across devices and systems will provide a secure system without the inherent weaknesses of passwords.
Once introduced, logging into an app on your phone will require just your fingerprint or face scan. Your phone will have a FIDO passkey stored on it which will authorize access to online accounts, websites and apps. If you use a laptop or desktop, unlocking your phone when requested will log you into the website or app you’re authenticating for.
The idea is simple and could genuinely change the way we work online. The only downsides we can see is if you lose your phone, run out of charge without noticing, have your phone stolen or aren’t allowed phones at work.
While we’re all tied to our phones enough already, this new authentication system will cement that and ensure we really will take our phones everywhere!
The drive to leave passwords behind is a good one. Let’s be honest, we all have passwords we share between accounts so we can remember it. Even those of us who use password managers will have one or two passwords we can actually remember without having to use that password manager.
Removing passwords means removing dictionary attacks, some types of social engineering and a range of other threat vectors. That’s good news for everyone!