Tech giants, Microsoft, Google, and Apple are collaborating to create a new world where passwords will not be needed to access devices, webs, or apps.
The three organisations are working to expand support for a common passwordless sign-in standard created by the FIDO Alliance and the World Wide Web Consortium.
The new capability will allow websites and apps to offer consistent, secure, and easy passwordless sign-ins to consumers across devices and platforms.
This move is premised on the belief that passwords have been one of the biggest security challenges for consumers.
The three organisations in a joint statement announcing the partnership said: “Password-only authentication is one of the biggest security problems on the web, and managing so many passwords is cumbersome for consumers, which often leads consumers to reuse the same ones across services.
“This practice can lead to costly account takeovers, data breaches, and even stolen identities. While password managers and legacy forms of two-factor authentication offer incremental improvements, there has been industry-wide collaboration to create sign-in technology that is more convenient and more secure.
“The expanded standards-based capabilities will give websites and apps the ability to offer an end-to-end passwordless option. Users will sign in through the same action that they take multiple times each day to unlock their devices, such as a simple verification of their fingerprint or face, or a device PIN.
This new approach protects against phishing and sign-in will be radically more secure when compared to passwords and legacy multi-factor technologies such as one-time passcodes sent over SMS.
“Passkeys are a safer, faster, easier replacement for your password. With passkeys, you can sign in to any supported website or application by simply verifying your face, fingerprint or using a device PIN. Passkeys are fast, phish-resistant, and will be supported across leading devices and platforms.
Your biometric information never leaves the device and passkeys can even be synced across devices on the same platform – so you don’t need to enroll each device and you’re protected in case you upgrade or lose your device.”