Passwordless Logins Are Becoming A Reality

The World Wide Web Consortium (W3C) and the FIDO Alliance announce that the Web Authentication (WebAuthn) specification is now an official web standard. This advancement is considered a major step forward in making the web more secure and usable.

 

W3C’s WebAuthn Recommendation, a core component of the FIDO Alliance’s FIDO2 set of specifications, is a browser/platform standard for simpler and stronger authentication. It is already supported in Windows 10, Android, and Google Chrome, Mozilla Firefox, Microsoft Edge and Apple Safari (preview) web browsers. WebAuthn allows users to log into their internet accounts using their preferred device. Web services and apps can — and should—turn on this functionality to give their users the option to log in more easily via biometrics, mobile devices and/or FIDO security keys, and with much higher security over passwords alone.

Sponsored by Digi-Key

Digi IX20 Secure LTE Router Available for Immediate Shipment from Digi-Key

The IX20 rugged, secure LTE router is a great choice for applications from basic connectivity to industrial-class and security solutions. Its high-performance architecture gives primary and backup WWAN over software selectable multi-carrier LTE.

 

FIDO2 addresses the top issues of traditional authentication:

  • Security: FIDO2 cryptographic login credentials are unique across every website, biometrics or other secrets like passwords never leave the user’s device and are never stored on a server. This security model eliminates the risks of phishing, all forms of password theft and replay attacks.
  • Convenience: Users log in with simple methods such as fingerprint readers, cameras, FIDO security keys, or their personal mobile device.
  • Privacy: Because FIDO cryptographic keys are unique for each internet site, they cannot be used to track users across sites.
  • Scalability: websites can enable FIDO2 via simple API call across all supported browsers and platforms on billions of devices consumers use every day.

 

For services providers and vendors ready to get started with FIDO2 specifications and browser/platform support, the FIDO Alliance offers testing tools and a certification program. FIDO2 Certified solutions currently available include FIDO Certified Universal Servers that support FIDO2 and all prior FIDO UAF and FIDO U2F devices for full backward compatibility with the full range of certified FIDO authenticators.

 

For more info, visit the FIDO Alliance and the World Wide Web Consortium.

Read more on

Suggested Articles

President Trump issued his “blessing” of the tentative deal on Saturday and then directed a delay of a week of a ban on TikTok downloads.

U.S. Commerce Department beefs up attacks on TikTok and WeChat, banning downloads at first. Eventually the bans will be total, unless some other agree

Analyst Jack Gold describes the TikTok battle as a big win for China.