(San Francisco) The ordeal of passwords could end within a year: Google, Apple and Microsoft announced Thursday an agreement to build a system allowing authentication without having to memorize a series of cabalistic signs.
“With the new feature, consumers will be able to authenticate to websites and mobile apps easily, password-free and securely, regardless of device or operating system,” FIDO summarized. Alliance (Fast Identity Online Alliance) in a press release.
Since 2012, it has brought together industry players to work on common authentication systems.
The goal, explains Google, is that users can connect to an online service simply by unlocking their smartphone (via their usual method: fingerprint, facial recognition, multi-digit code, etc.)
Concretely, a website can ask the Internet user if he wants to “authenticate himself with his FIDO identifiers”. This message will appear simultaneously on his phone, where the user will just need to accept, by unlocking his screen, to be connected to the site.
Smartphones will keep these coded identifiers, called “passkey” (access key).
The three technology giants have committed to implementing this new system within twelve months, on Android and iOS (the mobile operating systems of Google and Apple), on Chrome, Edge and Safari (the browsers of Google, Microsoft and Apple) and on Windows and macOS (the Microsoft and Apple operating systems for computers).
“Password-only authentication is one of the most significant security issues on the web,” Apple notes in its statement.
Unable to manage so many different passwords, individuals often reuse the same one, which facilitates account takeovers, data leaks and identity theft.
“The new approach will protect against phishing, and logging into a service will be radically safer than passwords and other technologies like one-time codes sent by text message,” adds the iPhone maker.
The three American companies made their announcement on the occasion of World Password Day.
Alex Simons, vice president of Microsoft, spoke in the FIDO Alliance press release of a “complete transition to a world without passwords” where “consumers would get into the habit of going without them on a daily basis”.