Apple, Google and Microsoft announced plans to expand support for a common passwordless sign-in standard created by the FIDO Alliance and the World Wide Web Consortium. This new capability will allow websites and apps to offer secure passwordless sign-ins to consumers across devices and platforms.
Password-only authentication is a security problem often leading to account takeovers, data breaches and even stolen identities.
While password managers and legacy forms of two-factor authentication offer slight improvements, there has been industry-wide collaboration to create sign-in tech that is more convenient and secure.
An end-to-end passwordless option will help protect against phishing and will be more secure when compared to passwords and legacy multifactor technologies, such as one-time passcodes sent over SMS.
Apple, Google and Microsoft are expanding its capabilities and are now building support into its respective platforms. Its previous implementations require users to sign in to each website or app with each device before they can use passwordless functionality.
Apple, Google and Microsoft commitments extend platform implementations to give users two new capabilities for more seamless and secure passwordless sign-ins:
- Allows users to automatically access their FIDO sign-in credentials (referred to by some as a “passkey”) on many of their devices, even new ones, without having to re-enroll every account.
- Enables users to use FIDO authentication on their mobile device to sign into an app or website on a nearby device, regardless of the OS platform or browser they are running.
In addition to facilitating a better user experience, the support of this standards-based approach will enable service providers to offer FIDO credentials without needing passwords as an alternative sign-in or account recovery method.
These new capabilities are expected to become available across Apple, Google, and Microsoft platforms over the course of the coming year.