From "Apple, Google, and Microsoft commit to expanded support for FIDO standard to accelerate availability of passwordless sign‑ins" posted early Thursday:
In a joint effort to make the web more secure and usable for all, Apple, Google, and Microsoft today announced plans to expand support for a common passwordless sign-in standard created by the FIDO Alliance and the World Wide Web Consortium. The new capability will allow websites and apps to offer consistent, secure, and easy passwordless sign-ins to consumers across devices and platforms.
Password-only authentication is one of the biggest security problems on the web, and managing so many passwords is cumbersome for consumers, which often leads consumers to reuse the same ones across services. This practice can lead to costly account takeovers, data breaches, and even stolen identities. While password managers and legacy forms of two-factor authentication offer incremental improvements, there has been industry-wide collaboration to create sign-in technology that is more convenient and more secure.
The expanded standards-based capabilities will give websites and apps the ability to offer an end-to-end passwordless option. Users will sign in through the same action that they take multiple times each day to unlock their devices, such as a simple verification of their fingerprint or face, or a device PIN. This new approach protects against phishing and sign-in will be radically more secure when compared to passwords and legacy multi-factor technologies such as one-time passcodes sent over SMS.
My take: What? Three tech megacaps conspiring to reduce friction on their respective devices? Call the antitrust police!
I must admit the ordeal had an overall positive impact on my ability to remember far more important things. Important passwords are stored in a precious place in our brains. If we stop going there on a regular basis we forget other stuff.
But rest assured, Lina is on her way!
For example, I am a Mets season ticket holder and they have an exclusive relationship with StubHub. I can only sell my tickets thru them. Why can’t I choose another provider?
The list goes on and on….
I have effectively got this feature, fingerprint or facial login on my key logins and am working through the many rarely used ones. Better than that, I have already used the fantastic ability to cut off a vendor who abused my login by simply deleting that hide my email address.
Unfortunately, it takes a lot of work to change so many logins, and some entities require you to email them your new email. But it can be done!