Websites will be phasing out passwords

  • TECH
  • Thursday, 12 Apr 2018

WebAuthn is expected change the way that people access the Web,

If you are one of the many people who struggle to remember long and complicated passwords, the days of clicking "forgot password" will soon be a thing of the past.

Web standards bodies World Wide Web Consortium (W3C) and Fido Alliance announced WebAuthn, a new web authentication standard that lets users replace passwords with more secure login methods like biometrics.

Users can use devices such as smartphones, USB tokens, fingerprint scanners or webcams, which would communicate with the websites via Bluetooth, NFC or USB.

"Security on the web has long been a problem which has interfered with the many positive contributions the Web makes to society. While there are many web security problems and we can't fix them all, relying on passwords is one of the weakest links. With WebAuthn's multi-factor solutions we are eliminating this weak link, stated W3C chief operating officer Jeff Jaffe in a statement. "WebAuthn will change the way that people access the web."

For example, if a user wants to log in to a website, they will receive an alert on their smartphone and they can use their fingerprint to gain access without using a password. The authentication token would only last as long as it takes to authenticate the user, and would require a specific device to authenticate.

"After years of increasingly severe data breaches and password credential theft, now is the time for service providers to end their dependency on vulnerable passwords and one-time-passcodes," said Fido Alliance executive director Brett McDowell, who suggests that websites and service providers should adopt phishing-resistant alternatives instead.

Facebook and Google are two of the major websites that already use Fido Alliance's services for login authentication, but now with the support of W3C more sites and services can use WebAuthn to eliminate the need to use passwords as a login method.

Google, Microsoft, and Mozilla have committed to supporting the WebAuthn standard in their flagship browsers and have started implementation for Windows, Mac, Linux, Chrome OS and Android platforms. No news from Apple's Safari yet.

WebAuthn API is already available to public, and developers and vendors can start on building support into their products and services

Article type: metered
User Type: anonymous web
User Status:
Campaign ID: 1
Cxense type: free
User access status: 3
Subscribe now to our Premium Plan for an ad-free and unlimited reading experience!

Next In Tech News

Musk's move to close Twitter deal leaves Tesla investors worried
Italy's De Nora teams up with GES on hydrogen battery project
Elon Musk, Twitter have yet to reach deal to end court battle -sources
As EV sales grow, battle over U.S. road weight limits heats up
Spotify acquires firm that detects harmful content
Lawmakers press U.S. Commerce for tougher checks on semiconductor chip subsidies
MENA emerges as world's fastest-growing crypto adopter -study
Dad of two dies after GPS directs him to washed-away bridge, North Carolina family says
Video game maker CD Projekt rises after strategy update, share buyback
Apple will be forced to use new charger after EU votes for USB-C

Others Also Read