- The newest Echo Show 8 just hit its lowest price ever for Black Friday
- 기술 기업 노리는 북한의 가짜 IT 인력 캠페인··· 데이터 탈취도 주의해야
- 구글 클라우드, 구글 워크스페이스용 제미나이 사이드 패널에 한국어 지원 추가
- The best MagSafe accessories of 2024: Expert tested and reviewed
- Threads will show you more from accounts you follow now - like Bluesky already does
Microsoft, Apple and Google Team Up on Passwordless Standard
Some of the world’s biggest tech companies are throwing considerable weight behind a common passwordless sign-in standard that could finally signal the end of static credentials for many users.
Apple, Microsoft and Google announced plans to support the FIDO Alliance and World Wide Web Consortium (W3C) standard, making it easier for websites and apps to deliver end-to-end passwordless authentication via fingerprint/face scan or device PIN.
Although the companies already support passwordless log-ins, users previously had to sign in to each website or app separately on each device before they could use the functionality.
Under the new proposals, users will be able to automatically access their FIDO sign-in credentials or “passkey” on their devices, including new ones, without needing to re-enroll each account.
They will also be able to use their mobile device to sign in to apps or websites on “nearby” devices on any supported OS or browser, FIDO claimed.
The news means those using Android and iOS mobile operating systems, Edge, Safari and Chrome browsers, and Windows and macOS desktop operating systems will soon be able to say goodbye to passwords permanently.
That’s good news as it will remove a major weak link in the security chain that allows opportunistic attackers to hijack accounts and steal data by guessing, brute-forcing or buying passwords on the dark web.
It will also improve on legacy multi-factor authentication (MFA) methods such as sending passcodes via SMS, as these can be intercepted via SIM swapping and other techniques.
“The standards developed by the FIDO Alliance and World Wide Web Consortium and being led in practice by these innovative companies is the type of forward-leaning thinking that will ultimately keep the American people safer online. I applaud the commitment of our private sector partners to open standards that add flexibility for the service providers and a better user experience for customers,” said Jen Easterly, Director of the US Cybersecurity and Infrastructure Security Agency (CISA).
“At CISA, we are working to raise the cybersecurity baseline for all Americans. Today is an important milestone in the security journey to encourage built-in security best practices and help us move beyond passwords. Cyber is a team sport, and we’re pleased to continue our collaboration.