In a rare show of partnership, Apple, Google and Microsoft have joined forces to expand support for passwordless logins across mobile devices, desktops and browsers.
Passwords are notoriously insecure, with weak and easily guessed credentials accounting for more than 80% of all data breaches, according to Verizon’s annual data breach report. While password managers and multifactor technologies offer incremental improvements, Apple, Google, and Microsoft are working together to create sign-in technology that’s more convenient and more secure.
The tech giants announced Thursday that they are expanding support for a passwordless login standard from the FIDO Alliance and the World Wide Web Consortium, meaning you’ll soon be able to use your smartphone to log into an app or website on a mobile device. nearby device, regardless of the operating system or browser you are using. You’ll use the same action you take multiple times a day to unlock your smartphone, such as with a verification of your fingerprint, face scan, or a device PIN.
Users will also be able to automatically access their FiDO login credentials, or “access keys,” on multiple devices, including new ones, without having to re-enroll each account.
While all three companies have long supported the passwordless login standard created by the FIDO Alliance, users are still forced to log in to each website or app with each device before they can use the passwordless feature. Over the next year, all three tech giants will implement passwordless FIDO login standards in macOS and Safari; android and chrome; and Windows and Edge. This means that, for example, users will be able to sign in to a Google Chrome browser running on Microsoft Windows, using a passkey on an Apple device.
This will make it much more difficult for hackers to compromise login details remotely, since logging in requires access to a physical device.
“Working with the industry to establish new, more secure login methods that offer better protection and eliminate password vulnerabilities is central to our commitment to building products that offer the highest security and a transparent user experience, all with the goal of keeping users’ personal information safe,” said Kurt Knight, Apple’s senior director of platform product marketing, in a press release.
This new collective commitment was praised by Jen Easterly, director of the US Cybersecurity and Infrastructure Security Agency (CISA), who called it “the kind of forward-thinking that will ultimately keep Americans safer.” online”.
“At CISA, we are working to raise the cybersecurity foundation for all Americans,” Easterly added. “Today marks an important milestone in the security journey to advance integrated security best practices and help us move beyond passwords. Cyber is a team sport and we are pleased to continue our collaboration.”
While password has so far survived many attempts to kill them for good, this could be one of the last nails in the password coffin.