Skip to content

Bye-bye, password! Apple, Google and Microsoft want to revolutionize login

Passwords have become an indispensable part of our everyday online life. One is indispensable for almost all accounts. It can quickly happen that you lose track of them. To solve this problem, Apple, Microsoft and Google, among others, want to abolish the password and are planning a completely different approach.

To protect yourself as best as possible, many online accounts, social media channels, etc. are password protected. Either you take a different password for each individual platform or you have an overarching universal password. However, the latter can be quite dangerous if someone else is able to access all profiles, accounts and channels in one fell swoop.

This is one of the reasons why major Internet companies have joined forces and are planning a kind of “password revolution. If they have their way, logging in by password will no longer be the standard in the future.

FIDO standards to replace the classic password

Authentication is the keyword here. It is now also possible to log in with a fingerprint, facial recognition or a PIN. The FIDO Alliance has announced that new models are being sought. But what exactly will these look like?

First, a brief explanation of what is behind FIDO: The abbreviation stands for “Fast Identity Online” and is a non-commercial alliance of numerous companies. The goal is to develop license-free and open authentication standards on the Internet. Put simply: passwords are to be abolished.

Login without password: That’s the principle

But now to the plan of Google, Microsoft and Apple. Password logins would not offer sufficient protection against data theft or phishing, for example. A passwordless end-to-end option is therefore to become the login norm.

Together with FIDO, the tech giants have come up with two options. First, there’s the FIDO credential, also called a passkey. The other is FIDO authentication. Here’s how these two approaches work, respectively:

  • FIDO credentials (passkey): A user can automatically access FIDO credentials (passkey) through multiple devices. This way, you don’t have to keep logging in to each account.
  • FIDO authentication: A user can use the smartphone (or other mobile device) to log in or authenticate to a website or app on another device nearby.

Nothing works without a second key

At the same time, it’s basically like a key principle. The FIDO foundation is a cryptographic master key that is private. For each service, app or similar, a separate key is generated with it. But in order to log in to any service, it needs a counterpart, which can be seen as a kind of public key. If you now want to log in to a website, a request arrives at the private key. The user then confirms this request, for example, via Face ID, fingerprint, or similar.

Apple, Microsoft and Google now want to integrate this standard into their operating systems. Since the passkeys are then stored in the respective accounts, there is no drama if the smartphone is stolen or lost. After all, they can be recovered. The new functions should be available on the Google, Apple and Microsoft platforms by the end of 2023 at the latest. However, it is still unclear whether the passwordless standard will also work across systems.

However, the planned innovation will definitely simplify things for users. Since it is now common to use multiple devices in addition to many user accounts, a passwordless solution would save a lot of time. In addition, fingerprint sensors and Face ID are common for many users in other areas via newer smartphones.

Source

  • FIDO

Topics

  • Apple
  • Google
  • Internet
  • Microsoft
  • Security