US tech titans look to ditch passwords

US tech giants are out to make stolen passwords such as these displayed as part of The Glass Room pop up exhibition in San Franc
US tech giants are out to make stolen passwords such as these displayed as part of The Glass Room pop up exhibition in San Francisco tech world relics with new standards providing a more secure way to access accounts or devices.

Apple, Google and Microsoft said Thursday they are looking to get rid of passwords and replace them with a more secure way to access accounts or devices.

The US tech titans jointly announced support for a common standard that will let people sign in by unlocking their mobile phones, say, with fingerprint or face recognition.

"The complete shift to a passwordless world will begin with consumers making it a natural part of their lives," said Microsoft vice president Alex Simons.

"By working together as a community across platforms, we can at last achieve this vision and make significant progress toward eliminating passwords."

Reliance on passwords alone is decried as a major security flaw on the internet, with people keeping them overly simple or using the same one repeatedly to make it easier to manage many accounts.

Adopting standards created by the FIDO Alliance and the Word Wide Web Consortium will let websites and device makers build secure, passwordless options into their offerings, the groups said in a release.

Using secure keys instead of passwords would stymy phishing scams that trick people into disclosing log-in credentials and hackers that steal such data.

"Today is an important milestone in the security journey to encourage built-in security and help us move beyond passwords," US cybersecurity and infrastructure security agency director Jen Easterly said.

Support for password-free log-ins will be woven into Android and Chrome software over the course of the coming year, said Google product manager and FIDO Alliance president Sampath Srinivas.

Apple and Microsoft announced plans to do likewise with their software.

"This will simplify sign-ins across devices, websites, and applications no matter the platform—without the need for a single password," Srinivas said in a blog post.

"When you sign into a website or app on your phone, you will simply unlock your phone."

Mobile phones will store a FIDO credential referred to as a "passkey" that will be used to unlock online accounts, Srinivas explained.

"To sign into a website on your computer, you'll just need your nearby and you'll simply be prompted to unlock it for access," Srinivas said.

Eliminating was billed as more secure than that involves getting one-time passcodes texted or emailed as secondary confirmation when logging into sites or services.


Explore further

Ready to say goodbye to passwords? Users will no longer need one for Microsoft accounts

© 2022 AFP

Citation: US tech titans look to ditch passwords (2022, May 5) retrieved 17 May 2022 from https://techxplore.com/news/2022-05-tech-titans-ditch-passwords.html
This document is subject to copyright. Apart from any fair dealing for the purpose of private study or research, no part may be reproduced without the written permission. The content is provided for information purposes only.
382 shares

Feedback to editors