A new authentication standard being pushed by Mozilla and Google may one day make passwords obsolete.
Dubbed Web Authentication or WebAuthn, this new open standard for web authentication relies on biometrics (fingerprints, facial recognition) and USB tokens to secure users’ multiple web accounts, according to a statement from the Fast IDentity Online (FIDO) Alliance.
USB tokens are like master keys. They are physical devices that hold electronic information to identify a user without the use of passwords.
WebAuthn is currently available for Firefox users in the browser’s latest version. Chrome and Edge will adopt WebAuthn in upcoming software updates in the next few months. One of the benefits in doing away with passwords is security against phishing attacks. Since there is no string of characters to decode and exploit like in passwords, a user’s electronic identity becomes more secure.
“While there are many web security problems and we can’t fix them all, relying on passwords is one of the weakest links,” said W3C CEO Jeff Jaffe.
This new standard was made possible by the combined efforts of the FIDO Alliance and World Wide Web Consortium (W3C). FIDO specializes in finding a universal way for users to access devices and services without having to remember multiple usernames and passwords.
Meanwhile, W3C is an international community where member organizations, in-house staff and the public work together to develop Web standards.
The open standard nature of WebAuthn means more developers will have access to it. This will help hasten the implementation of WebAuthn across the internet.
Until WebAuthn becomes the preferred method of keeping online accounts secure, Firefox, Chrome and Edge users will at least have the option to sync all their information in a unique fingerprint, face or USB token. /ra
RELATED STORIES:
Paypal moves to offer traditional banking services
IBM builds ‘salt grain-sized’ computer to beef up blockchain security
Google calls on developers to build games on top of Maps data