Recently, Apple, Google and Microsoft jointly announced that it is expected that in 2023, when users log in across systems and devices such as LOS, Android and Windows, they will be able to obtain a simpler, faster and more secure “passwordless login” experience.
One of the biggest security issues on the Internet right now is password-only authentication. Passwords that are weak and easy to guess account for more than 80 percent of all data breaches, according to Verizon’s annual data breach report.
It is cumbersome for users to remember and manage many passwords, and they often reuse the same passwords for the convenience of logging in between different websites and applications. This approach can easily lead to the theft of user account identities, resulting in the leakage of sensitive information such as important data.
In conclusion, passwords are critical to the online security of your account. Although some companies have introduced measures such as password managers and two-factor authentication to protect user accounts, they have not really solved the problem of password security.
It is understood that the implementation of “passwordless login” by Apple, Google and Microsoft this time is a standard created by the FIDO (Fast Online Authentication) Alliance.
According to the FIDO Alliance’s official website, it was established in July 2012 to reduce reliance on passwords through “a set of open, scalable, interoperable mechanisms and strong, more private authentication standards.”
For a long time, Apple, Google and Microsoft have been supporting the FIDO Alliance’s passwordless login standard, and have implemented passwordless login to a certain extent. However, there are certain limitations in the implementation of this function before. Users must log in to each website or application on different devices to use the passwordless login function, which is still not convenient and secure enough.
This time, the three tech giants will further expand the FIDO Alliance standard and provide new features to achieve faster and seamless passwordless login.
Over the next nearly a year, they will implement passwordless login standards on their respective platforms. This means that no matter what operating system or browser a user is using, they can use their smartphone to log into apps or websites on nearby devices. For example, users will be able to log in to their Google Chrome browser account running on Microsoft Windows using a “key” on an Apple device.
”Keys” can be seen as FIDO authentication login credentials, allowing users to automatically access the corresponding account on different devices, or even new devices, without having to repeatedly enter passwords. This will make it harder for hackers to remotely hack account details, preventing security risks like phishing, scams, and more.
Specifically, when a user logs in to an account on a phone, the phone stores a FIDO credential based on public key encryption, which can be used to access accounts on other devices. This credential is only displayed to the online account when the user unlocks the phone.
For example, when logging into a website on a laptop, a nearby mobile phone will be prompted by the system, and the user only needs to unlock the mobile phone by verifying the fingerprint, face scan or device PIN code, and then the corresponding account on the computer can be logged in.
It is worth mentioning that the “key” can be backed up in the cloud, and even if the phone is lost, it can be safely synced to the user’s new phone.
In addition to improving the user experience, the above authentication methods also provide a password-free account login or recovery method. The feature is expected to be deployed across Apple, Google and Microsoft’s respective platforms and products by 2023.
Andrew Schier, Executive Director and Chief Marketing Officer of the FIDO Alliance, said: “‘Easier, Stronger Authentication’ is the FIDO Alliance’s tagline and a guiding principle for our specification and deployment guidelines. A pledge of support from Apple, Google and Microsoft , will help to achieve this goal.”
Schier also added: “The enabling of new features will bring a wave of FIDO standard implementation, fuel the continued growth of security keys, and provide service providers. Provides a full range of options for phishing-resistant authentication. Industry-wide collaboration will lay the foundation for a passwordless future.”
For this new measure of cybersecurity, CISA Director Jen Yi “CISA is working to improve the level of cybersecurity for all Americans,” Staley said. “This expansion of passwordless login technology is a forward-looking, important milestone in the maintenance of cybersecurity. We are pleased to see the practice of built-in security and Ultimately helping to subvert the existence of passwords.”
Spokespeople for Apple, Google and Microsoft all said that this partnership with FIDO provides a new, more secure login method that is more secure and more secure than current multi-factor authentication methods. Simple, helps to eliminate password loopholes and protect users’ personal information to the greatest extent possible. This is part of creating a passwordless future.
It will still take time for the technology to be available on everyone’s devices, and the companies above will encourage developers of apps and websites to aggressively adopt the new standard to quickly free people from the security threats and hassles that come with passwords.