A world without passwords is currently hard to imagine. But that is exactly what Apple, Google and Microsoft are working on together with the organization FIDO Alliance. We explain the background.
For many, passwords are an annoying side effect of the internet. No wonder that in 2021 the password “123456” still ranks first on the list of the most frequently chosen passwords by the Hasso Plattner Institute.
But the following places with “password”, “12345” and “hello” also leave a lot to be desired in terms of security. However, the reason for the popularity of these simple passwords is obvious: they are easy to remember.
But what if we no longer had to remember passwords or think up complicated combinations of numbers and letters? This is exactly what Apple, Google and Microsoft are striving for together with the organization FIDO Alliance.
Was plant die FIDO Alliance?
Just in time for World Password Day on May 5th, the FIDO Alliance announced that Apple, Google and Microsoft will soon introduce passwordless logins on all major platforms.
FIDO stands for “Fast IDentity Online” – in the alliance founded in 2013, numerous tech companies have joined forces to develop a global standard for authentication on the Internet.
Now, with Apple, Google and Microsoft, three of the largest corporations in the world are daring to make a move. Because they have committed to developing passwordless login for their mobile, desktop and browser platforms as early as next year.
With Apple and Google on board, this also means that all users of iOS or Android devices will be able to use the new feature. There are also desktop computers with Windows and MacOS operating systems, as well as Google’s Chrome browser and Apple’s Safari.
What are the corporations hoping for from the FIDO Alliance?
Data protection is becoming more and more important for the big tech companies. Apple is working with the industry at this point to “empower new, more secure sign-in methods,” says Kurt Knight, senior director of Platform Product Marketing.
In this way, better protection can be guaranteed for users and the “weak points of passwords” can be eliminated.
Just as we design our products to be intuitive and powerful, we design them to be private and secure.
The group always has the goal of “protecting the personal data of users”.
How is passwordless authentication supposed to work?
For example, users can select their smartphone as the main authentication device for apps or websites, according to a Google blog post.
All you have to do is unlock the phone – passwords are no longer required. This also works with the computer – for this, too, users only have to unlock their smartphone.
This is made possible by the so-called “Passkey” from FIDO, which is stored on the smartphone. It contains the proof of eligibility that an online account needs to unlock.
According to Google, the “passkey” is “based on encryption with public keys”. If a phone is lost, the “passkey” can be restored from the cloud backup.