Dealing with passwords can be extremely frustrating. Whether it’s constantly having to reset them because of hacks or simply trying to remember ‘unique’ passwords for the 130 accounts the average user has registered to their email addresses, saying passwords are a headache may be an understatement. Which is why many may be relieved to hear that this could be a thing of the past.
Recently, the World Wide Web Consortium (W3C) and the FIDO Alliance took big steps towards phasing out the use of traditional passwords by announcing WebAuthn, which is short for Web Authentication, as an official web standard. The login format essentially kills the password in favor of letting people log in using biometrics, such as fingerprints and facial recognition, or through security keys, and in some cases other electronic devices that are compatible with one another.
Aside from the ease of not having to remember or enter a password, the new login standard also has major security benefits, according to the W3C. Login keys used in WebAuthn, such as FIDO2, are unique to a specific site. If a person chooses to login using biometric technology, such as facial or fingerprint scanners, that information is only stored on their device and will never stay on the server. Additionally, those unique credentials could help prevent companies from following users around the internet and tracking their every move.
WebAuthn is already supported by most popular browsers, including Google Chrome, Microsoft Edge, Apple’s Safari, and Mozilla Firefox. Its official approval paves the way for more sites to integrate it as a standard login option. Dropbox and Microsoft were both early adopters that announced support for WebAuthn last year.
While the password isn’t going to the tech graveyard just yet, the announcement was mostly a warning sign that passwords are reaching the end of its time as the most trustworthy and safe Internet security credential.