Making passwords a thing of the past
Google, Microsoft and Apple join forces to simplify the sign-in process, safely
WHAT’S the worst thing about using the internet, phone apps and online services?
I’m going to take a wild guess and imagine most of you are now thinking about passwords.
Either you can’t remember them, or they’re so weak you might as well not have one in the first place.
Around this time of year, with World Password Day on May 5, I usually like to remind everyone to keep their passwords strong and up to date, to use two-factor authentication where they can, and to consider signing up for a password manager service that will help them do all the above.
Not this year. This year I’m going to tell you about a future in which we don’t have to worry about passwords at all.
At last, we may well be approaching an age in which the single biggest barrier to safety and privacy is a thing of the past.
In a somewhat unprecedented move, Google, Microsoft, and Apple have united to announce plans to simplify sign-ins for apps, websites, and services by expanding support for a common passwordless sign-in standard created by the FIDO Alliance and the World Wide Web Consortium.
The FIDO Alliance is a consortium of organisations set up 10 years ago to try to establish a passwordless sign-on standard that everyone can sign up for, and the FIDO standard is already in use in some places. FIDO stands for Fast Identity Online.
But the news this week of the three big tech giants uniting to make this standard the one for use across all platforms makes the whole thing’s adoption widely much more likely to happen fast. Google, Apple, and Microsoft say they’ll be building the technology into their ecosystems over the coming year.
The goal really is quite simple – everyone will have their verified FIDO credentials stored in their phone securely – these days most phones are protected by face recognition or fingerprint recognition technology, which is some orders of magnitude more secure than a simple password.
When you go to log in to anything, you just unlock your phone near the device on which you’re logging on, and you’ll be in.
Your face and fingerprint will not just be the keys to your phone, but also your keys to the wider web of services, apps and sites.
The FIDO credentials stored on your phone will also be backed up online, so if you get a new phone, you’ll still have frictionless access.
So, the hope is, by next World Password Day, we won’t need to be talking about passwords at all.
Whether you’re on Android or iOS, look out for updates soon that will make this magical world a reality.