Say Goodbye to Passwords, now WebAuthn is an Official Web Standard

Update: 2019-03-06 17:09 IST

HIGHLIGHTS
•  W3C announced WebAuthn as an open web standard now
•  The standard allows password-free logins on the web
•  Most popular web browsers have already added support for WebAuthn

Are you poor at remembering passwords and hate entering them to log into websites all the time?  You are not the only one… Very soon things will change with the World Wide Web Consortium (W3C) made an official announcement that the Web Authentication API (WebAuthn) as a Web standard. In simple language, the standard allows password-free logins on websites. Initially, the standard was announced two years back in the year 2015. It is now supported by W3C's contributors that include Apple, Google, Microsoft, Intel, IBM, Mozilla, and others.

WebAuthn will allow users to log into websites using their biometrics, mobiles, or FIDO security keys. Android and Windows 10 also support the standard. Web browsers such as Google Chrome, Microsoft Edge, and Mozilla Firefox have already added support for WebAuthn while Apple's Safari is currently supporting it in preview versions.

The announcement will further stimulate the move towards a password-free Web. Passwords are vulnerable and have to be paired with various levels of authentication for added security.

W3C and FIDO Alliance told in an official statement, "It's common knowledge that passwords have outlived their efficacy. Not only are stolen, weak, or default passwords behind 81 per cent of data breaches, they are a drain of time and resources."

A lot of Web services are expected to jump in and embrace it, with WebAuthn becoming an open standard. The standard promises higher security when compared to using passwords only.

WebAuthn is a foundation part of FIDO Alliance's FIDO2 specifications. It is a standard that aspires to offer an alternative to conventional forms of authentication in different ways. FIDO2 aims to address convenience, security, scalability and privacy.

Across each website, FIDO2's login details are unique despite the fact that users' biometrics never leave their devices and aren't even stored on a server. For convenience, users can easily login using simple fingerprint readers, physical security keys or their mobile devices.

For each website FIDO keys are unique, therefore it takes care of a user's privacy since it can't be used to track them.

In the coming next few months we can expect to see a lot of web services implementing WebAuthn, making lives easier for all the users.

Tags:    

Similar News