Companies are aware of the difficulty of developing new passwords and combating online fraud, which they hope will decrease with the general development of biometrics.
US tech giants have jointly announced their support for a common standard that allows people to log in by unlocking their mobile phone, for example, using fingerprints or facial recognition.
“The complete transition to a password-free world will begin with consumers making this a natural part of their lives,” said Alex Simmons, Vice President of Microsoft.
“Working together as a cross-platform community gives us the ability to finally realize this vision and make significant progress toward removing passwords.”
Relying on passwords alone is seen as a major security flaw on the Internet, as people tend to keep it too simple or use the same password repeatedly to make it easier to manage multiple accounts.
The two groups said in a statement that adopting standards created by the FIDO Alliance and the World Wide Web Consortium would allow websites and device manufacturers to add secure, passwordless options to their products.
Using strong keys instead of passwords will prevent phishing scams tricking people into revealing their login credentials and hackers stealing that data.
“Today is an important milestone in the security journey to encourage embedded security best practices and help us bypass passwords,” said Jane Easterly, director of the US Agency for Cybersecurity and Infrastructure Security.
Sampath Srinivas, Google’s chief product officer and president of the FIDO Alliance, said passwordless login capability will be integrated into Android and Chrome software over the next year.
Apple and Microsoft have announced plans to do the same with their software.
“This will simplify logging into devices, sites and apps, regardless of platform, without the need for a single password,” Srinivas wrote in a blog post.
“When you sign into a website or app on your phone, it will unlock your phone.”
Srinivas explained that mobile phones will store FIDO credentials as a “passkey” for use in opening online accounts.
“To enter a web page on your computer, you will just need to have your phone near you and you will simply be asked to unlock it to access it,” Srinivas said.
Removing passwords is seen as more secure than two-factor authentication, a process that involves sending one-time passwords via text message or email as a secondary confirmation when logging into sites or services.
“Wannabe internet buff. Future teen idol. Hardcore zombie guru. Gamer. Avid creator. Entrepreneur. Bacon ninja.”
