The world’s biggest tech companies want to kill passwords on Password Day

Tired of typing passwords? Well, you’re not alone, and you won’t be the only one who’s thrilled to hear that Apple, Google, and Microsoft have just made a joint announcement promoting greater availability of wireless connections. password.

This news comes, quite ostensibly, on Password Day, with the tech triumvirate eager to see the backs of having a bunch of passwords for websites, services and apps – and having to remember everyone, or engage in insecure practices like noting them – so plans have been revealed for a common standard to implement widely used and convenient passwordless logins, across all of their platforms.

This standard – created by the FIDO Alliance and the World Wide Web Consortium – is a big leap forward from what’s used for more secure logins beyond a username and password. basic password right now. Namely the likes of two-factor authentication (2FA, which represents a second step of connecting a verification code sent by SMS to a smartphone for example) or the use of an application like a password manager. pass.

All Changes

FIDO authentication already makes passwordless login easier on some websites and apps, but the big difference here is to make the process not only more widely adopted, but more secure with an end-to-end passwordless option. .

This means users will no longer have to log in for the initial login on every website or app, on every individual device, to enable passwordless access in the first place. Instead, people will simply log in by unlocking their phone – via whatever method they normally use, like a fingerprint reader for example, or a PIN – and that will automatically unlock the account.

So let’s say you log into a website on your PC, all you will need is to have your smartphone with you, and it will be possible to log into the site on your computer’s browser by unlocking the phone – that’s all there is to it (the phone stores the FIDO “access key” used to access the account).

In short, you can forget all about passwords in this new online world, and with support sites and services, all you’ll need is your phone and its login method.

FIDO Google without password

(Image credit: Google)

Analysis: Full deployment will take time, however…

So when is this big step forward on the security front going to happen, you might be wondering? The three tech giants say they plan to facilitate this across all of their major platforms over the coming year.

For Google this of course means Android and Chrome, for Apple, macOS, iOS and Safari, and for Microsoft, Windows and Edge.

The end result should be a massive increase in support for these more secure FIDO-based logins, streamlining and simplifying logins by removing passwords (and associated second-layer security such as 2FA).

As we’ve already touched on, it’s not just about convenience, it’s also about security, because it’s no secret how wobbly traditional passwords can be when people come up with passwords. easy-to-remember passwords – which are easily guessed – and that they reuse them many times.

Or indeed, people fall prey to things like phishing scams that can extract usernames and passwords, or through no fault of their own, details can leak online via a data breach. by a third party. Luckily, all of these dangers are swept away with this new passwordless approach.

All this will not happen immediately, of course, and as mentioned, the support is going to be worked throughout this year, and until 2023, with efforts necessary to implement the system not only on the part of the three large technology companies, but also site and application developers.

So passwords won’t disappear overnight – but the good news is that with this announcement, their days are now numbered…

Leave a Comment