The Internet Just Took a Big Step Toward Killing Passwords. Here’s What We’ll Use Instead
Passwords are problematic, whether it’s constantly having to change them due to a hack, resetting them, and even just remembering a unique password for the 130 accounts the average user has registered to their email address.
The Worldwide Web Consortium and the FIDO Alliance took a big step toward killing the password on Monday when they announced WebAuthn, which is short for Web Authentication, is now an official web standard. The login format kills the password in favor of letting people log in using biometrics, such as fingerprints, and facial recognition, or through security keys, and devices such as smartphones, and smartwatches.
Aside from the ease of not having to remember or enter a password, the new login standard also has some major security benefits, according to the Worldwide Web Consortium. Login keys, such as FIDO2, are are unique to a specific site. If a person chooses to login using their face or fingerprint, that information is only stored on their device, and never stays on a server. Additionally, those unique credentials could help prevent companies from following users around the Internet and tracking their every move.
WebAuthn is already supported by most popular browsers, including Google Chrome, Microsoft Edge, Apple’s Safari, and Firefox. Its official approval paves the way for more sites to integrate it as a standard login option. Dropbox and MIcrosoft were both early adopters that announced support for WebAuthn last year.
While the password isn’t going to the tech graveyard in the near future, the announcement on Monday was mostly a warning sign that its reaching the end of its time as the most trustworthy and safe Internet security credential.