Reprint & Permission About Us Disclamer

Top News

Apple, Google and Microsoft Pave Way Towards Passwordless Authentication

The Executive Headlines

Owing to a joint collaboration put forth by tech giants Apple, Google and Microsoft, we might be step closer to building passswordless sign-in across all devices and platforms. This paves way for the future of passwordless authentication.


Step Closer to Passwordless Authentication


May 5th marked the World Password Day. In a joint effort, Apple, Google and Microsoft announced that they have committed to building support for passwordless sign-in across all of the mobile, desktop, and browser platforms that they control in the coming year.

Effectively, this means that passwordless authentication will come to all major device platforms in the not too distant future: Android and iOS mobile operating systems; Chrome, Edge, and Safari browsers; and the Windows and macOS desktop environments.


Secured Passwordless Login


A passwordless authentication process will let users choose their phones as the main authentication device for apps, websites, and other digital services. Unlocking the phone with whatever is set as the default action—entering a PIN, drawing a pattern, or using fingerprint unlock—will then be enough to sign in to web services without the need to ever enter a password, made possible through the use of a unique cryptographic token called a passkey that is shared between the phone and the website.

By making logins contingent on a physical device, the idea is that users will simultaneously benefit from simplicity and security. Without a password, there will be no obligation to remember login details across services or compromise security by reusing the same password in multiple places.


Cross-platform Functionality


Equally, a passwordless system will make it much more difficult for hackers to compromise login details remotely since signing in requires access to a physical device; and, theoretically, phishing attacks where users are directed to a fake website for password capture will be much harder to mount.

The cross-platform functionality is being made possible by a standard called FIDO, which uses the principles of public key cryptography to enable passwordless authentication and multi-factor authentication in a range of contexts. A user’s phone can store a unique FIDO-compliant passkey and will share it with a website for authentication only when the phone is unlocked. Per Google’s post, passkeys can also be easily synced to a new device from cloud backup in the event that a phone is lost.

Instagram Linkedin Pinterest