Few people know, but among the countless holidays, there is one such as World Password Day. It is celebrated on the first Thursday of May every year. This year it fell on May 5th. When, if not on this day, will large corporations take over and take care of our bright passwordless future? Of course, they started working on their initiative earlier, but they announced it only that day. The very situation in which such giants united for a common cause is very interesting. So let’s look into it in more detail.
The password is an ancient way of providing security. It works but hacks. Something more reliable is needed.
Authorization without a password
The possibility of authorization without a password has been in development for some time, promising increased security and convenience. Despite the fact that such technologies have already been used and sometimes even very successfully, but a new round of their development is something fundamentally new.
Бегом сюда! Это наш Яндекс Дзен. Там все о паролях безопасности и много о чем еще.
The joint implementation of something by giants such as Google, Apple and Microsoft already says a lot and represents the biggest step forward. Moreover, all three companies have committed to making their implementations compatible with each other.
The FIDO Alliance is the organization behind the push for passwordless login. The organization helped develop a standard for the technology, which was adopted by the World Wide Web Consortium.
It’s not just three letters at the beginning of a page address.
How can a password be cracked
While passwords have been the default security method since the early days of computers, they are vulnerable to theft and compromise. In many cases, all a hacker needs to do is compromise the user’s password in order to gain access to the relevant service. It is not difficult to do this. Especially considering that most of the users selects the same login-password pairing for all accounts. It is enough to steal one and you can instruct the bot to substitute it to all popular sites.
And don’t forget that a hacker will gain access to the master password that the user uses for the application or password management service. In this case, the results can be catastrophic and even the fact that each site has a unique and very complex password will not save.
Collections of top products from AliExpress here
How passwordless authorization works
In contrast, passwordless login essentially uses a person’s phone as a hardware key. The phone will store the FIDO password, which is also backed up online. To log into a computer or website, the user will be prompted to unlock their phone. The phone unlock process allows them to use the computer or website in question.
Even if a person loses his phone, he can easily continue using the system with a new one, by backing up your password in the Internet. At the same time, since the access key uses modern cryptographic standards, transaction security is maintained throughout the process.
The phone will open access to any computer. Naturally, yours.
Implementation of the FIDO standard
As Google, Apple and Microsoft jointly working on the implementation of the FIDO standard, users will be able to cross-authenticate their devices and services regardless of the platform they choose. Considering that these are the largest electronics manufacturers in the world, such arrangements open up great prospects for a password-free future.
This milestone is a testament to the collaborative work being done across the industry to increase security and move away from legacy password-based authentication − said Mark Rishersenior director of product management at Google.
Risher added that for Google, this represents almost a decade of work that the company has done with FIDO as part of its ongoing innovation towards a password-free future.
It would be great to make FIDO-based technology available for Chrome, Chrome OS, Android, and other platforms. The main thing is that developers do not let us down and actively join this initiative, optimizing their applications and adding appropriate features to them. The same applies to websites. When everyone starts working in this direction, the world will become more comfortable and safer. But the fact that such giants have taken up this task inspires optimism. In the meantime, log in without a password to our news Telegram channel and subscribe to it. Come in handy!
The post Google, Apple and Microsoft decided to work together on security appeared first on Gamingsym.