Passwords may be a thing of the past as Apple, Google, and Microsoft commit to passwordless sign-ins

PHOTO: Unsplash

In celebration of World Password Day, and what is a rare show of unity, Apple, Google, and Microsoft have jointly announced their commitment to support a common passwordless sign-in standard created by the FIDO Alliance and World Wide Web Consortium.

FIDO stands for "fast identity online" and the alliance is currently working with the three companies to develop passwordless technologies for its platforms, apps, and websites.

Passwords are a major weak point in any security system. People either use easy to guess or hack passwords, or they forget them altogether. This new initiative will change that by allowing these platforms, apps, and websites to identify you using the main authentication device such as your phone or perhaps a fingerprint or face scanner.

According to Apple:

"The expanded standards-based capabilities will give websites and apps the ability to offer an end-to-end passwordless option. Users will sign in through the same action that they take multiple times each day to unlock their devices, such as a simple verification of their fingerprint or face, or a device PIN.

This new approach protects against phishing and sign-in will be radically more secure when compared to passwords and legacy multi-factor technologies such as one-time passcodes sent over SMS. 

This will simplify the sign-in process for all the platforms, apps, and websites you use.

Read Also
A computer can guess more than 100 billion passwords per second. Still think yours is secure?
A computer can guess more than 100 billion passwords per second. Still think yours is secure?

Additionally, because access to a physical device is required to log in, it's harder for hackers to compromise login details remotely and harder for phishing attacks to work.

And with Apple, Google, and Microsoft committed to working together, users can be assured of a high degree of compatibility across all platforms."

Microsoft said:

"With passkeys on your mobile device, you're able to sign in to an app or service on nearly any device, regardless of the platform or browser the device is running. For example, users can sign in on a Google Chrome browser that's running on Microsoft Windows, using a passkey on an Apple device.

And even if you lose your phone, Google says your passkeys can be retrieved from cloud:

Even if you lose your phone, your passkeys will securely sync to your new phone from cloud backup, allowing you to pick up right where your old device left off.

No fixed timelines for when these new changes would come into place, though Apple, Google, and Microsoft have all said that they expect to implement some of these new technologies in the coming year."

This article was first published in Hardware Zone.