wordpress blog stats
Connect with us

Hi, what are you looking for?

Apple, Google, and Microsoft to ditch passwords sign-ins

What does it mean to go passwordless?

Apple, Google, and Microsoft have agreed to use a common passwordless sign-in standard created by the FIDO (Fast Identity Online) alliance and the World Wide Web Consortium, according to a statement by the alliance. The agreement will help users avoid the route of passwords altogether, and allows websites and apps to secure accounts using device PIN or biometrics, the release added.

Essentially, users will be able to use the passwordless option to sign in through the same action with which they unlock their devices. For example, they will be able to access their Gmail account by a simple verification of their fingerprint, face, or device PIN.

“This new capability stands to usher in a new wave of low-friction FIDO implementations alongside the ongoing and growing utilization of security keys — giving service providers a full range of options for deploying modern, phishing-resistant authentication,” Andrew Shikiar, executive director and CMO of the FIDO Alliance, said in a statement.

The fact that all major tech companies have agreed to adopt this standard implies that the passwordless option will cover major platforms— iOS and Android mobile operating systems, Windows and Mac devices, and browsers such as Google Chrome, Microsoft Edge, and Apple Safari. The option is expected to be rolled out over the course of the coming year, the statement revealed. It is not yet clear as to how the option will be rolled out and what are its implications vis-à-vis user privacy.

Advertisement. Scroll to continue reading.

Passwords have grown to become ineffective in securing accounts— a fact predicted by Bill Gates back in 2004. It is difficult to remember multiple passwords because of which most people end up using the same password for multiple accounts which puts them at risk of hacking, data breaches, and identity thefts. The passwordless method is touted to be more effective against phishing and offers more security when compared to passwords and two-factor authentication, FIDO explained.

Bringing passwordless standard to all devices

FiDO said that the standard was developed by hundreds of technology companies and service providers from around the world. Apple, Google, and Microsoft have led the expansion of the standard.

Source: FIDO Alliance

The previous iteration of the standard required users to sign in to each website or app with each device before they could use the passwordless functionality. Post-expansion, it has two new capabilities with regards to sign-ins:

  • Allow users to automatically access their FIDO sign-in credentials (referred to by some as a “passkey”) on many of their devices, even new ones, without having to re-enroll every account.
  • Enable users to use FIDO authentication on their mobile device to sign in to an app or website on a nearby device, regardless of the OS platform or browser they are running.

 

Source: FIDO Alliance

What is FIDO? The organisation is an open industry association that develops and promotes authentication standards to help reduce the world’s reliance on passwords. The organisation was formed in 2012 by PayPal, Lenovo, Nok Nok Labs, Validity Sensors, Infineon, and Agnitio, as per its website.

How will the option work on Google?

In a blog post, the search giant said that it has been working on a passwordless option for over a decade. Google explained that a user’s phone will store a FIDO credential called a passkey which will be used to unlock their online account.

“The passkey makes signing in far more secure, as it’s based on public key cryptography and is only shown to your online account when you unlock your phone,” the company wrote in its post. It added that a user will need their phones nearby to sign into a website on their computer because a prompt will be sent the phone. The users will not need their phones to log in again and will simply need to unlock their computer.

“Even if you lose your phone, your passkeys will securely sync to your new phone from cloud backup, allowing you to pick up right where your old device left off,” Google added.

Also Read:

Have something to add? Post your comment and gift someone a MediaNama subscription.

Advertisement. Scroll to continue reading.
Written By

I cover several beats such as Crypto, Telecom, and OTT at MediaNama. I can be found loitering at my local theatre when I am off work consuming movies by the dozen.

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.

Views

News

Due to the scale of regulatory and technical challenges, transparency reporting under the IT Rules has gotten off to a rocky start.

News

Here are possible reasons why Indians are not generating significant IAP revenues despite our download share crossing 30%.

News

This article addresses the legal and practical ambiguities in understanding the complex crypto ecosystem in India.

News

It is widely argued that the PDP Bill report seeks to discard the intermediary status of social media platforms but that may not be...

News

Looking at the definition of health data, it is difficult to verify whether health IDs are covered by the Bill.

You May Also Like

News

Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...

Advert

135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...

News

Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...

News

By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Name:*
Your email address:*
*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ