Ugh. Passwords.
For years they’ve been a necessary evil. As we secure our devices and create online accounts, we’re under constant pressure to create “strong” passwords that are supposed to be harder to steal — but that only makes them harder to remember.
Did you make your password long enough? Does it include both letters and numbers? Did you include at least one special character?
And God forbid you forget your password and have to go through the often hellish process of trying to reset it.
Passwords are supposed to keep our personal information and activities top secret. Ironically, as complicated as passwords have become, they’re still pretty darn insecure. Passwords get compromised all the time, both individually and in massive data breaches.
But there’s good news. As you read this, we’re moving toward a password-free world.
FIDO’s Got a Bone to Pick with Passwords
The FIDO (Fast Identity Online) Alliance is a coalition of 250 organizations that’s on a mission to kick passwords to the curb in favor of a more convenient, streamlined, and secure method of authentication.
To that end, the FIDO Alliance has developed its FIDO2 technology to eliminate the need to create a password every time you register with an online service, whether you’re signing up to pay bills online or subscribing to a dating app.
FIDO2 authentication standards are based on a type of cryptography that relies on asymmetrical key pairing. In a nutshell, an online service with which you register does not share knowledge of your password. Instead, it accesses what’s called a “public key” and you, the user, hold a secret “private key.” When these two keys are paired, you’re logged in.
Theoretically, in time, you should be able to use the same private key to log into any online service or platform, eliminating the need to juggle multiple passwords.
Passwords: How Will We Log in Without Them?
Using the FIDO2 authentication method, your private key can only be used once it’s been unlocked on your device, so you’re in control.
How does the unlocking work without a password? There are a number of possibilities. It could involve biometrics, like a fingerprint reader, or facial or voice recognition. It might even be as simple as pressing one button on your smartphone.
Microsoft has been on board with ditching passwords for a while. FIDO2 was launched in 2018, and Microsoft started using it immediately, integrating the technology into its April 2018 update of Windows Hello, allowing users to access their Microsoft accounts without a password. In a demonstration video released by Microsoft, a user logs into Windows Hello using facial recognition.
So Why Are You Still Using Passwords?
If passwordless technology is here, why are you still fumbling around with passwords? The FIDO2 method of authentication isn’t universal (yet) because the number of FIDO-enabled platforms is limited. However, that number is growing. At present, FIDO technology is supported by Google Chrome, Mozilla Firefox, Microsoft Edge, Apple Safari (MacOS), iOS web browsers, and Windows 10 and Android platforms.
The FIDO Alliance helps enterprises deploy its technology through learning and planning resources on its website.
