Apple, Google and Microsoft collaborate to sign in without a password
The three tech giants Apple, Google and Microsoft will introduce a common password-less login standard. It announced the FIDEO Alliance on Thursday.
The FIDO Alliance is behind the so-called FIDO authentication, which practically replaces the need for passwords with other forms of authentication – such as fingerprints, face recognition, or even voice recognition.
Apple, Google, and Microsoft platforms already support the FIDO Alliance standard in some ways, but today they often require you to sign in to different services the usual way and on every device — before you can switch to passwordless sign in for services like it support.
What companies are actually reporting is deeper support for the FIDO standard, which in practice means you should be able to use passwordless login automatically on websites, services, and apps — without having to set it up in the service first.
Authentication is handled, for example, by your mobile phone, which sends a “passkey” or access key to the relevant service, after declaring that you are who you say it is, and grants you access.
This will allow you to sign in to your Gmail account on a Windows PC using Face Detection on your iPhone – to take an example – without the need for a password in the background.
– To log into a website on your PC, you just need your phone nearby and you will be asked to unlock it to access it. Once you do that, you won’t need the phone again and you can log in as soon as you open your PC. Even if you lose your phone, the access keys will sync securely to your phone from your cloud backup, allowing you to pick up where you left off from your old device, Google writes in Blog posts on this issue.
Password-free everyday life is supposed to be more comfortable for the user and not the least safe to use.
Although we are constantly asked to have different passwords for each service, it is inevitable that many people will reuse their passwords on different services and sites, and FIDO asserts that 80 percent of data breaches in the world are due to passwords.
Without a password, it would be very difficult for attackers to gain access to your accounts, because they would already need the physical device you use to log in – in addition to your biometrics.
Extended FIDO support announced today will enable websites to implement, for the first time, a comprehensive password-free experience with phishing-resistant security. It includes both the first login to a website and subsequent logins. When passkey support becomes available across the industry in 2022 and 2023, we will finally have the internet platform for a true password-free future, FIDO President and Google Secure Sign-in Director Sampath Srinivas wrote in a statement to the edge.
The Big Three did not offer any more specific timeline than “over the next year”.
“Web specialist. Lifelong zombie maven. Coffee ninja. Hipster-friendly analyst.”