The ordeal of passwords could be over within a year: tech giants Google, Apple and Microsoft announced on Thursday an agreement to build a system to authenticate without having to memorize series of cabalistic signs.
“With the new feature, consumers could authenticate to websites and mobile apps easily, password-free and securely, regardless of device or operating system,” FIDO summarized. Alliance (Fast Identity Online Alliance) in a press release.
Since 2012, this has brought together players in the sector to work on common authentication systems. The goal, explains Google, is that users can connect to an online service simply by unlocking their smartphone via their usual method: fingerprint, facial recognition or even a multi-digit code.
Concretely, a website can ask the Internet user if he wants to “authenticate himself with his FIDO identifiers”. This message will appear simultaneously on his phone, where the user will just need to accept, by unlocking his screen, to be connected to the site. Smartphones keep these coded identifiers, called “passkey” (access key).
The issue of security
The three technology giants have committed to implementing this new system within twelve months on Android and iOS (the mobile operating systems of Google and Apple), on Chrome, Edge and Safari (the browsers of Google, Microsoft and Apple) and on Windows and macOS (the Microsoft and Apple operating systems for computers).
“Password-only authentication is one of the most significant security issues on the web,” Apple notes in its statement. Unable to manage so many different passwords, individuals often reuse the same one, which facilitates account takeovers, data leaks and identity theft.
“The new protective approach to phishing and logging into a service will be radically safer than passwords and other technologies such as unique codes sent by SMS”, adds the iPhone manufacturer. The three companies made their announcement on World Password Day.