Major Tech Companies To Make Passwords Obsolete
World Password Day, which lands on the 5th of May, saw Apple, Google and Microsoft all announce that they are looking to establish passwordless sign-in for all their platforms over the next year. As a result, password logins for iOS, Android, Chrome, Edge, Safar, Windows, macOS and more may soon be an online relic.
Senior director of platform product marketing at Apple, Kurt Knight said “Just as we design our products to be intuitive and capable, we also design them to be private and secure.”
“Working with the industry to establish new, more secure sign-in methods that offer better protection and eliminate the vulnerabilities of passwords is central to our commitment to building products that offer maximum security and a transparent user experience — all with the goal of keeping users’ personal information safe.”
Rather than having to use a password to login to various platform, users will user their smartphones for authentication, via a PIN, fingerprint or face ID or drawing a pattern. This is achieved by establishing a passkey unique to the phone, that is then shared with online platforms, via a standard known as Fast ID Online (FIDO). In the case of a user getting a new phone, the passkey can be synced to a new device through a cloud backup.
The reason for the change is for both security and convenience. Removing passwords makes it much more difficult for scammers and hackers to gain access to your information, as login details cannot be compromised and logging in would require the physical device. Furthermore, users are able to sign-in quicker and without having to worry about remembering passwords.
The compatibility across platforms and collaboration between major tech companies shows an effort to improve the lives of users across different brands and companies, according to Microsoft’s vice president for security, compliance, identity and privacy, Vasu Jakkal.
“With passkeys on your mobile device, you’re able to sign in to an app or service on nearly any device, regardless of the platform or browser the device is running,” she said. “For example, users can sign-in on a Google Chrome browser that’s running on Microsoft Windows—using a passkey on an Apple device.”
FIDO authentication does exist already, it currently requires a password to authenticate it. The new support, according to FIDO Alliance President and Product Management Director for secure authentication at google Sampath Srinivas.
“This extended FIDO support being announced today will make it possible for websites to implement, for the first time, an end-to-end passwordless experience with phishing-resistant security.”
“This includes both the first sign-in to a website and repeat logins. When passkey support becomes available across the industry in 2022 and 2023, we’ll finally have the internet platform for a truly passwordless future.”