Apple, Google, Microsoft Expand Support of Passwordless Sign-Ins

passwordless signin, microsoft, google, apple, security

In a team initiative to upgrade the security of the internet, Apple, Google, and Microsoft are expanding support for a passwordless sign-in standard created by the FIDO Alliance and the World Wide Web Consortium (W3C).

“‘Simpler, stronger authentication’ is not just FIDO Alliance’s tagline — it also has been a guiding principle for our specifications and deployment guidelines. Ubiquity and usability are critical to seeing multi-factor authentication adopted at scale,” Andrew Shikiar, executive director and CMO of the FIDO Alliance, said in a Thursday (May 5) press release.

“This new capability stands to usher in a new wave of low-friction FIDO implementations alongside the ongoing and growing utilization of security keys — giving service providers a full range of options for deploying modern, phishing-resistant authentication,” Shikiar said.

See also: Data Point: Nearly 25% of Consumers Verifying Digital Account Access Via Multiple Devices

One of the central security issues on the internet is password-only authentication. It’s hard for people to keep track of numerous unique passwords, which often causes them to reuse the same one for multiple services. Reusing the same password is a major security risk that can lead to account takeovers, data breaches and stolen identities.

Password managers and two-factor authentication offer improvements, however, across the industry around the world, tech companies and service providers collaborated within the FIDO Alliance and W3C to develop a sign-in method that is more secure and convenient.

Related: Had It With Passwords? Two-Thirds of Consumers Are Done With Antiquated Authentication

The passwordless sign-in standards are already being supported in billions of devices and all contemporary web browsers. Apple, Google, and Microsoft spearheaded the development of this expanded set of capabilities and are in the process of building the support into their respective platforms.

With the new capabilities, websites and apps can offer an end-to-end passwordless option. Users will verify their identity to unlock their devices by verifying their fingerprint or face or a device PIN.

“This new approach protects against phishing and sign-in will be radically more secure when compared to passwords and legacy multi-factor technologies such as one-time passcodes sent over SMS,” per the release.

You may also enjoy: Biometrics Brush Aside Passwords, Bring Curtain Down on ‘Security Theater’