There’s no argument that passwords can be difficult to work with. They have been replaced in some key situations by biometric logins, such as fingerprint and facial identification. Apple, Google, and Microsoft have joined efforts to make this more universal and create an industry standard to replace passwords with a “passkey.”
Joing Efforts to Create Passkey
The FIDO Alliance was created by Apple, Google, Microsoft, and others in the industry to “address the lack of interoperability among strong authentication technologies and remedy the problems users face with creating and remembering multiple usernames and passwords.”
On May 5, 2022, the FIDO Alliance and World Wide Web Consortium pushed ahead the commitment to make a more secure Web by expanding support for a “common passwordless sign-in standard.” The vision is for websites and apps to offer a universal system for passwordless signins.
We can all appreciate this effort. The rules for creating strong passwords are well known. Yet, many of us end up not following them, using a cloud-based system to store them, using 2FA, or resorting to biological logins for multiple devices, websites, and apps.
The drive behind the renewed industry effort is for websites and apps to have an end-to-end passwordless option. People would use the same action on websites and apps that is used to sign in to their devices. Many devices and OS provide such a service, but the thought is to create something more universal. It would protect users from phishing while also being more secure than passwords and other prior solutions.
Apple, Google, and Microsoft have led the way and are working with hundreds of technology companies and service providers in the FIDO Alliance and the World Wide Web Consortium to create this new industry standard.
While you may be thinking you already use something similar on your device, before you can use the current passwordless functionality, you have to sign in to each website or app to use it. The initiative would like to make this process more seamless.
The initiative includes the following objectives:
- “Allow users to automatically access their FIDO sign-in credentials (referred to by some as a ‘passkey’) on many of their devices, even new ones, without having to re-enroll every account.
- “Enable users to use FIDO authentication on their mobile device to sign in to an app or website on a nearby device, regardless of the OS platform or browser they are running.”
The initiative would lead to a passkey that would not require passwords as either an alternative or recovery method. Most would agree that only needing to remember one thing instead of multiple passwords would be the ultimate.
Several industry experts, including Apple, Google, and Microsoft, lent their thoughts on this initiative to replace multiple passwords with one universal passkey.
“Just as we design our products to be intuitive and capable, we also design them to be private and secure,” said Apple’s senior director of Platform Product Marketing, Kurt Knight.
“Working with the industry to establish new, more secure sign-in methods that offer better protection and eliminate the vulnerabilities of passwords is central to our commitment to building products that offer maximum security and a transparent user experience – all with the goal of keeping users’ personal information safe.”
Mark Risher, senior director of Product Management, Google, said the initiative is a “testament to the collaborative work being done across the industry.” For his company, “it represents nearly a decade” of working with FIDO.” Google looks forward “to making FIDO-based technology available across Chrome, ChromeOS, Android, and other platforms, and encourage app and website developers to adopt it.”
The shift from passwords to a universal passkey system “will begin with consumers making it a natural part of their lives,” explained Alex Simons, Corporate Vice President, Identity Program Management at Microsoft. “Any viable solution must be safer, easier, and faster.” He added that the company “will continue to build support across Microsoft apps and services.”
“Ubiquity and usability are critical to seeing multi-factor authentication adopted at scale, and we applaud Apple, Google, and Microsoft for helping make this objective a reality,” said Andrew Shikiar, executive director and CMO of the FIDO Alliance.
“Today is an important milestone in the security journey to encourage built-in security best practices and help us move beyond passwords,” stated Jen Easterly, director of the U.S. Cybersecurity and Infrastructure Security Agency.
The FIDO Alliance expects this new universal passkey system to be available across the Apple, Google, and Microsoft platforms throughout the year.
While you wait for the passkey system to arrive on your platform, learn how to sync passwords across your devices in Firefox.