Alphanumeric passwords have been seen as a poor security option for almost as long as they’ve been in widespread use. Furthermore, as technology has advanced, what started as a poor option has become legitimately dangerous.
Now, the tech industry’s biggest players have come together to finally disrupt the market and try to kill off passwords for good.
Multifactor authentication (be that biometric logins, two-factor authentication, physical security keys or others) is widely accepted as the best way forward, but it’s currently too multifaceted and unstandardised.
To combat this, Microsoft, Google and Apple have pledged to end the disarray once and for all – as doing so would not only kill off passwords, but could also put an end to phishing scams as well.
The tech giants are working with the FIDO Alliance, which has been working to eradicate alphanumeric passwords since back in 2013. Whilst still working to their own processed and timelines, all three have pledged to roll out new solutions during 2022, meaning traditional passwords could be well on their way out even before the end of the year.
In practice, an updated system would involve users signing into certain sites or accounts on their laptop, say, by simply unlocking their phone. Doing so provides the assurances that it’s the real user wanting access and not a scammer.
Not only is this process quicker, it removes the need to remember and type passwords – along with the other issues, like re-using passwords across sites, which effectively gives hackers a master key to all accounts if they gain access to just one.
To make life even more straightforward for users, these FIDO passkeys that take the place of old passwords will be linked to accounts, not devices. That way, if a user changes their phone or laptop, all they need to do is sign back into their main account on the new device and all the security credentials are up and running.
Google has said the move puts us “one step closer to a passwordless [sic] future”.
Windows, meanwhile, announced that support for FIDO passkeys has already been rolled out to Windows 365, Azure Virtual Desktop and Virtual Desktop Infrastructure. It’s currently in preview with Windows 11 Insiders, and on the way for Windows 10 as well.