You may not have to remember that laundry list of those passwords for much longer. In an effort to eschew the use of passwords, a new alternative method for securing your online accounts was just approved.
Via a press release published Monday, March 4, the World Wide Web Consortium (W3C) and the FIDO Alliance announced that WebAuthn (a new authentication standard), has now been made “an official web standard.”
Simply put, the newly approved authentication standard allows users to log into their online accounts without a password. Instead, users who opt to utilize WebAuthn will be able to sign into their accounts with the use of a security device, such as fingerprint readers, FIDO security keys, or their own mobile devices.
As an API, WebAuthn itself will act as the middleman between the websites users want to log into and the security devices they choose to log in with.
It’s worth mentioning that today’s news is just the first step toward a future without passwords. As The Verge notes, websites that require logins will still need to “integrate the standard” before users can use WebAuthn with them.
So far, WebAuthn seems to be off to a good start when it comes to integration. The following browsers already support the new authentication standard: Chrome, Firefox, Microsoft Edge and Apple’s Safari. W3C’s press release also mentioned that both operating systems, Windows 10 and Android, currently support the use of WebAuthn as well.
While we still have to wait a bit longer to finally live a password-free existence, the approval of WebAuthn is an encouraging step in the right direction. The use of passwords to secure online accounts, while ubiquitous, has always come with severe flaws: They’re often easily stolen or just generally weak and susceptible to phishing attacks.
And with more and more of our lives being lived and managed online (hello, Internet of Things), it’s no wonder that biometric methods and security features like the use of Face ID have become all the rage. People are simply eager to get away from having to remember passwords, which may or not actually be protecting their accounts all that much.
