Apple, Google and Microsoft say “Enough with Passw0rds! already”

© iStock.

Apple, Google and Microsoft, the three main operating system providers, are launching a coordinated effort to make passwords history. They seek to “expand support for a common passwordless sign-in standard created by the FIDO Alliance and the World Wide Web Consortium.” This standard is called “multi-device FIDO credential” or just “passkey”. Instead of having you enter a long string of characters, the new system has the app or website to which you’re logging in push an authentication request to your phone. You unlock your phone, authenticate using a PIN code or a biometric identifier, and you’re on your way. This process will sound familiar to those who already use a phone-based two-factor authentication, but this replaces the password rather than adding a step. What’s more, the new FIDO system works via Bluetooth. As the white paper explains, “Bluetooth requires physical proximity, which means that we now have a phishing-resistant way to leverage the user’s phone during authentication.” This new feature should be available on the Apple, Google and Microsoft platforms in the coming year.

⇨ Ars Technica, Ron Amadeo, “Apple, Google, and Microsoft want to kill the password with “Passkey” standard.”

2022-05-05