Apple, Google, and Microsoft announced that they will expand support for a common passwordless sign-in standard across all their platforms. The aim is to let users sign in easily and securely without a password across various websites and applications. In short, it means that passwordless sign-in will soon be an option on Windows and macOS desktops, Android and iOS mobile operating systems, as well as major browsers like Chrome, Edge, and Safari.
Why the shift?
The main reason is that password-only logins have always been problematic and, as time goes on, are becoming a less reliable and secure way of signing in. A joint press release from the three tech giants explains how password management can be cumbersome for users, so they often end up reusing passwords across various websites and platforms, which is very ill-advised. It puts users at risk of account takeovers, data breaches, and identity theft. As we’ve discussed on the SSLs blog before, weak password choices are also surprisingly prevalent. Some of the most common password choices are still Password and 123456, which, as you can imagine, are very easy for hackers to crack. While the press release acknowledges that password managers and two-factor authentication have helped, there is still a need for an industry-wide technology that’s both more secure and convenient.
That’s where the FIDO standard comes in.
How passwordless sign-in will work
The FIDO standard was created by the FIDO (Fast IDentity Online) Alliance and the World Wide Web Consortium. Billions of devices already support this passwordless sign-in standard, but currently users are still required to sign in to individual websites, apps, or devices to enable passwordless sign-in first. Apple, Google, and Microsoft have led the development of expanding passwordless sign-in capabilities so that this will no longer be necessary.
The idea behind passwordless sign-in is simple and is not unlike the multi-factor authentication methods used currently, though without the need to register passwordless sign-in manually every time. That’s thanks to the FIDO passkey. Users will be able to use their phones to sign in to any website, app, or nearby device, by sharing their fingerprint or face, entering a pin, or drawing a shape. This will allow the user’s FIDO passkey to be shared with the website, device, or app the user is trying to sign into without re-enrolling their account. According to FIDO, this new passwordless sign-in method will eliminate the need for passwords, even for alternative sign-ins or account recoveries.
Apple, Google, and Microsoft are expected to roll out these new capabilities over the course of this year.
Wrap up
This is exciting news for anyone who’s ever had trouble coming up with and remembering strong passwords and is sick of dealing with password managers. If these passwordless sign-in capabilities are as effective as FIDO claims, then logging into online accounts will be more convenient than ever, and passwords will finally become obsolete.
Cora is a digital copywriter for SSLs.com. Having eight years of experience in online content creation, she is a versatile writer with an interest in a wide variety of topics, ranging from technology to marketing.