Apple, Google, and Microsoft move toward 'passwordless future'

May 6, 2022 - 9:54 AM

Apple, Google, and Microsoft announced their joint efforts to provide support for passwordless sign-in technology.

The three companies will collaborate to build passwordless support for all of their mobile, desktop, and browser platforms later this year, they announced in a joint press release on Thursday. While the companies have previously incorporated two-factor authentication to maintain security, this update would remove the password entirely and allow users to log in to most accounts with the push of a button.

“Just as we design our products to be intuitive and capable, we also design them to be private and secure,” said Kurt Knight, Apple’s senior director of platform product marketing. “Working with the industry to establish new, more secure sign-in methods that offer better protection and eliminate the vulnerabilities of passwords is central to our commitment to building products that offer maximum security and a transparent user experience — all with the goal of keeping users’ personal information safe.”

This new process would allow users to authenticate their login attempts with their phones, according to a Thursday Google blog post. Mobile devices would store FIDO credentials, or passkeys, which users employ to unlock linked online accounts.

RUSSIA USES CYBERATTACKS IN HYBRID WAR APPROACH

The Fast Identities Online Alliance, or FIDO, is a digital standard that uses public-key cryptography to communicate a security authorization to the account and is considered a more complicated version of two-factor authentication. Login attempts prompt mobile devices to open for access, requiring the user to type in a pin, approve the account access, or perform some other action to approve the login attempt.

While many devices use FIDO authentication, the process still required the use of a password prior to the FIDO configuration, which left users vulnerable to password theft. The new process would remove the need for passwords.

“This extended FIDO support being announced today will make it possible for websites to implement, for the first time, an end-to-end passwordless experience with phishing-resistant security,” FIDO Alliance President Sampath Srinivas told the Verge. “This includes both the first sign-in to a website and repeat logins. When passkey support becomes available across the industry in 2022 and 2023, we’ll finally have the internet platform for a truly passwordless future.”

CLICK HERE TO READ MORE FROM THE WASHINGTON EXAMINER

Stealing passwords is a common tool for committing identity theft. Roughly 70% of cybercrimes in one 12-month period consisted of "social engineering attacks," according to Microsoft's "Digital Defense Report" from September 2020. These attacks included sending phishing emails to acquire critical login information, such as passwords.