On the occasion of World Password Day, Google, Apple and Microsoft officially announce that they will work together to adopt an alternative technology, which makes it useless to use traditional passwords, no matter how well chosen they may be.
The truth is that no matter how long and difficult to guess, passwords consisting of a single string, typed or auto-filled in a web form, can be easily intercepted. Instead, the alternative derived from cryptographic technologies already commonly used to secure connections can be modified to completely avoid the human factor. For example, reusing it, either for convenience or for lack of inspiration, is a major cause for the mass compromise of online accounts.
Like if, instead of typing or checking an auto-fill password, you could access any online site or account by simply connecting a digital key to the USB port. Just as you do when you enter your home. Well, the technology already exists, but it’s not completely free of cost, which is reason enough to block its widespread adoption so far.
Backed now by the unmistakable tech giants, the FIDO Alliance is the organization that has been campaigning for some time to introduce passwordless login systems, using a standardized access key that you can buy from anywhere.
Under the new system, to sign in with an online smartphone account, you may only need to repeat the procedure already used to unlock the screen by typing the pin code, validating your fingerprint, or using facial recognition. The universal password replacement will actually be securely stored on your phone in the form of a cryptographic key, ideally with the help of a dedicated security chip. And if you lose your phone, you’ll be able to lock it remotely, protecting any online accounts accessible from that device. The system is versatile enough to allow you to generate a new cryptographic access key, following a procedure to reconfirm your identity. Everything without having to memorize any new password.
Because Google, Apple, and Microsoft are working together to adopt the FIDO standard, the authentication system can be used universally, whether you’re a fan of Android, Windows, iOS, or use them all together.