Passwords have been with us from the dawn of computing, and really have plagued us in attempting to secure us while not being too much of a nuisance. That is changing though, and soon passwords will be no more.
Password-Free Authentication has been in the works from the FIDO Alliance. FIDO (Fast ID Online) is a technology agnostic specification for security and has been slowly rolling out from big tech companies.
When will FIDO be fully adopted, and we can ditch all our passwords completely?
Soon, but as with any new technology it takes time so I wouldn’t hold my breath just yet.
Apple, Google, and Microsoft have all committed to supporting FIDO and expanding the availability of passwordless sign-in. Apple has already instituted it on their platforms, and Android, Chrome, and Windows platforms are planned for 2023. So device support is coming quickly, but complete support from websites and software manufacturers will come in time.
The most prominent FIDO system is the Passkey
Passkeys create private keys on your phone, so they’re only accessible by you. These keys are authenticated by your credentials to use your phone, be it face recognition, fingerprint scanner, or PIN.
When you log into an account, the software running that account will create a public key and then request your private key. The two keys together create a passkey, which authenticates you like a password. Except it is more secure because the private part of that key is never anywhere but on your phone.
We are long standing proponents of password managers. They can create, store, and fill in complex passwords for you, keeping your credentials as safe as possible. As an added layer to secure your accounts, we also recommend multi-factor authentication. These two things together will keep your accounts as secure as can be, and also allow management of your employees’ credentials for full control (and security) of your business.
These processes take a few moments to log in. Some people find those couple of seconds inconvenient, but it is a required step to keep your accounts secure.
The adoption of passkeys will likely change the inconvenience of passwords and MFA.
Yahoo Japan has already implemented an option to validate with passkeys. The results were a 25% drop in requests for forgotten passwords and sped up sign in time by 2.6 times.
We are excited about this change and the improvements it will bring. The fact that all the big password managers have already committed to FIDO and incorporating passkeys makes the change seem like it will be seamless.
When traditional passwords are finally dead and gone will we miss them? Absolutely not.
Until then, we will continue with our password manager of choice to secure our, and our customer’s accounts and data. If you’d like help to keep your business secure, book a 15 minute call on our calendar – free of charge with no strings attached.