World Password Day was celebrated May 5, and with it came a huge announcement from the biggest companies in tech: passwordless logins are coming, promising to make web security better than ever for millions of users.
Apple, Microsoft and Google have joined forces in an unprecedented attempt to make logins across the web more secure. This announcement couldn’t have come at a better time: recent statistics have shown that Americans are more concerned than ever with the security of their accounts.
Google searches for “password strength test” spiked 300% in 2021, according to a report which also showed that only 46% of Americans feel confident in the security of their accounts.
Straightforward, secure approach
Passwordless logins promise a simpler, more secure solution to the usual password/two-factor identification methods that users have grown accustomed to over the years. Google’s press release provides insight into how this technology will work:
“When you sign into a website or app on your phone, you will simply unlock your phone — your account won’t need a password anymore.
“Instead, your phone will store a FIDO credential called a passkey which is used to unlock your online account. The passkey makes signing in far more secure, as it’s based on public key cryptography and is only shown to your online account when you unlock your phone.
“To sign into a website on your computer, you’ll just need your phone nearby, and you’ll simply be prompted to unlock it for access. Once you’ve done this, you won’t need your phone again, and you can sign in by just unlocking your computer. Even if you lose your phone, your passkeys will securely sync to your new phone from cloud backup, allowing you to pick up right where your old device left off.”
FIDO (Fast IDentity Online) authentication is “a set of standards for fast, simple, strong authentication, developed by a conglomerate,” according to Google.
Seamless transition coming soon
The conglomerate of Apple, Microsoft, and Google ensures that the new passwordless experience will be seamless, as TechCrunch’s Carly Page explains: “Over the next year, the three tech giants will implement passwordless FIDO sign-in standards across macOS and Safari; Android and Chrome; and Windows and Edge. This means that, for example, users will be able to sign in on a Google Chrome browser that’s running on Microsoft Windows, using a passkey on an Apple device.”
This new way of signing into your accounts could be coming sooner than you think. “These new capabilities are expected to become available across Apple, Google, and Microsoft platforms over the course of the coming year,” according to a statement from the FIDO Alliance.
This will immediately benefit many, as findings from a report from the Identity Theft Resource Center in 2021 revealed that most users do not follow secure password practices at all, citing that it is too difficult to keep up with all of their passwords. Luckily, this new standard will make secure passwords feel as ubiquitous as unlocking a mobile phone with your fingerprint.
“Working with the industry to establish new, more secure sign-in methods that offer better protection and eliminate the vulnerabilities of passwords is central to our commitment to building products that offer maximum security and a transparent user experience - all with the goal of keeping users’ personal information safe,” says Kurt Knight, Apple’s Senior Director of Platform Product Marketing.
What to do until this becomes a reality
Users aren’t left without a support system until this new standard is rolled out. Apple, Microsoft and Google provide excellent tools for anybody who wishes to make their accounts and passwords more secure. Everyone should want to make their accounts more secure, considering that the largest single password breach in history happened just last year.
Apple users can utilize iCloud Keychain, which remembers your passwords and automatically enters them when needed. If you’re a Google user, their excellent Password Manager is the single best way to secure your accounts.
Although Microsoft is slightly lagging behind their counterparts in offering a complete password manager, their Autofill extension or Authenticator app works across all web browsers, not just Edge.
As we approach the midway point of 2022, cybersecurity is more important than ever. After all, recent studies show that an astonishing 1 out of every 142 passwords is “123456,” according to a data dump of over one billion leaked passwords.
Web users should be more inclined than ever to safeguard their accounts, from our privacy to our financial well-being to our peace of mind and everything in between. According to Microsoft, “World Password Day is meant to foster good password habits that help keep our online lives secure” and was created by cybersecurity professionals in 2013.
With this new standard being announced, internet users everywhere will soon be living every day like it’s World Password Day.
