Because passwords often pose a security risk, tech giants like Apple and Google are working on a new login standard.
the essentials in brief
- Typing in passwords will soon be a thing of the past.
- Leading tech companies are working on the so-called Passkey for this purpose.
- This works for several services on various devices.
Again and again, criminals take advantage of weak passwords. This sometimes has dire consequences – up to and including theft of the entire digital identity. And even if you have chosen a secure password, it is basically possible for hackers to access this too.
Many IT, finance and shopping giants have now recognized this problem. The largest tech companies in the world have joined forces in an alliance. They are working on implementing a security standard designed to make traditional passwords obsolete.
What does this mean for users?
Numerous sites and portals on the web today rely on two-factor authentication, and banking institutions also secure transactions accordingly. However, many addresses can still only be reached via passwords.
The FIDO Alliance was founded with the intention of changing that and developing both more secure and more convenient login methods.
Apple and Co. explain traditional password for outdated technology
FIDO stands for “Fast Identity Online” and is intended to do no less than throw the password overboard. In the meantime, the chances are not bad, because well-known allies have joined the alliance in recent years.
The project is supported by the shipping giant Amazon, the IT top dogs Apple, Google, Microsoft and Samsung through to the meta group. Money service providers such as Mastercard, Visa and PayPal are also included.
To log in, looking at the camera or tapping on the fingerprint sensor would then suffice. Be it in social networks, with mail services, on bank portals, for online shopping, and, and, and.
Users need a so-called «passkey». If users register with an online service, a new, matching and encrypted pair is created on their own device.
While one of these keys migrates publicly to the respective service, the other remains private on the device. The latter can then be used to unlock if the user confirms his identity on the local device.
This can happen via biometric data such as facial recognition or fingerprints, but also via a device PIN. Ultimately, logging in is just as easy for the user as unlocking the cell phone.
This should also work across platforms if a user wants to log in to one site on a laptop and cell phone. According to FIDO, the biometric information should never leave the smartphone.
And the keys should therefore not contain any information that could be used by services to track users.
More convenience when logging in
The increased convenience provided by a FIDO login is obvious: Users are offered a standardized login and registration method without having to take operating systems or individual service providers into account. This is significantly more secure than the classic password.
Accessing the access data on several devices should also be possible in the future across the competition. Just like logging into apps or websites on nearby devices. Apple explains, for example, that passkeys can be synchronized on all of a user’s devices via the end-to-end encrypted iCloud keychain.
Apple, Microsoft and Google have recently been in charge of the technology and want to offer it on all platforms from 2023. After all, billions of devices worldwide already have the technical requirements.
More on the subject: