FIDO Alliance plans evolve passwordless sign-in standard

The FIDO (Fast IDentity Online) Alliance, comprised of Apple, Google, and Microsoft, has announced a joint plan to expand support for a common ‘passwordless’ sign-in standard.

Password-only authentication remains one of the largest security concerns across the internet; managing multiple passwords for different websites is burdensome for consumers, often leading them to use the same password across platforms – a practice which can lead to costly account takeovers, data breaches, and stolen identities.

Technology companies and service providers have worked with the FIDO Alliance to create passwordless sign-in standards already supported in billions of devices and all modern web browsers. Previous implementations, however, have meant that users needed to sign into each individual website or app with each device before being able to use the passwordless functionality.

By expanding the sign-in standards, and with FIDO now building wider support into their respective platforms, passwordless sign-ins are set to become easier and more secure, FIDO said.

Under FIDO’s plans, expanded standards-based capabilities will give websites and apps the ability to provide an end-to-end passwordless option.

With this new approach, users will sign in by performing the same actions they use daily to unlock their devices, such as fingerprint or facial verification, or by inputting a pin code.

The new capabilities are expected to become available across Apple, Google, and Microsoft platforms over the course of the coming year.

The new approach aims to protect against phishing and related attacks and will be radically more secure in contrast to the past standards of passwords and legacy multi-factor authentication technologies like one-time passcodes send via SMS, according to FIDO.

The key adaptations will also allow users to automatically access their FIDO sign-in credentials on many of their devices, including new ones, without the need to re-enrol each account. Users will also be able to use FIDO authentication on mobile devices to sign in to apps or websites on nearby devices, regardless of the OS platform they are using.

“Simpler, stronger authentication’ is not just FIDO Alliance’s tagline — it also has been a guiding principle for our specifications and deployment guidelines,” said Andrew Shikiar, executive director and CMO of the FIDO Alliance.

“Ubiquity and usability are critical to seeing multi-factor authentication adopted at scale, and we applaud Apple, Google, and Microsoft for helping make this objective a reality by committing to support this user-friendly innovation in their platforms and products.”

    Share Story:

Recent Stories