In an effort to make the web more secure and usable for all, Apple, Google and Microsoft have announced plans to expand support for a common passwordless sign-in standard created by the FIDO Alliance and the World Wide Web Consortium. The new capability will allow websites and apps to offer consistent, secure, and easy passwordless sign-ins to consumers across devices and platforms.
Although the standard is already being Apple, Google, and Microsoft, but the present implementation still need the user to authenticate into each app or website before activating a passwordless sign-in mechanism. With this announcement, users will be to automatically access their FIDO sign-in credentials (referred to by some as a “passkey”) on many of their devices, even new ones, without having to re-enroll every account. Also, the use FIDO authentication on their mobile device to sign in to an app or website on a nearby device, regardless of the OS platform or browser they are running.
In addition to facilitating a better user experience, the broad support of this standards-based approach will enable service providers to offer FIDO credentials without needing passwords as an alternative sign-in or account recovery method. These new capabilities are expected to become available across Apple, Google, and Microsoft platforms over the course of the coming year.
Regarding this announcement, Andrew Shikiar, the executive director and CMO of the FIDO Alliance, said;
Simpler, stronger authentication’ is not just FIDO Alliance’s tagline — it also has been a guiding principle for our specifications and deployment guidelines. Ubiquity and usability are critical to seeing multi-factor authentication adopted at scale, and we applaud Apple, Google, and Microsoft for helping make this objective a reality by committing to support this user-friendly innovation in their platforms and products.
This new capability stands to usher in a new wave of low-friction FIDO implementations alongside the ongoing and growing utilization of security keys — giving service providers a full range of options for deploying modern, phishing-resistant authentication.
The FIDO (Fast IDentity Online) Alliance, was formed in July 2012 to address the lack of interoperability among strong authentication technologies, and remedy the problems users face with creating and remembering multiple usernames and passwords.