Apple, Google and Microsoft do not want users to continue using passwords any further than the end of 2022. If the move does pan out as per the given timeline, then users would likely see an internet where they do not need to remember unique and increasingly complicated passwords for every single service they use. Instead, a collaborative, cross-industry effort may establish the practice of a common, no-password login mechanism – which is something that cyber security experts have long been stating could be the answer to reducing the number of scams and breaches that have become commonplace today.
Apple, Google, Microsoft join FIDO Alliance, W3C
To do this, Apple, Google and Microsoft have issued a joint statement, saying that the technology majors have joined hands with the Fast Identity Online (FIDO) Alliance and the World Wide Web Consortium (W3C), in a bid to make the practice of passwordless logins commonplace. The FIDO Alliance has been working to bring forth a uniform, cross industry standard for passwordless logins for a long time, and Microsoft has already been one of the early adopters of this standard by enabling passwordless logins on all Outlook and Office accounts in September 2021.
Now, a common statement by Apple and Google suggest that with cross-industry collaboration on the matter, users may soon be able to use their smartphone’s biometric login method, such as with fingerprint and face information, to login to various apps, websites and services across the internet. This bypasses the need to input a unique password for every platform a user logs in to, and has the added security of biometrics that are stored locally on devices.
In a press statement, Apple said that while techniques such as password managers and two-factor authentication (2FA) methods based on one-time passwords (OTPs) have made passwords incrementally safer, none of them have truly offered a security upgrade over what is already existing.
Kurt Knight, senior director of platform product marketing at Apple, said, “Working with the industry to establish new, more secure sign-in methods that offer better protection and eliminate the vulnerabilities of passwords is central to our commitment to building products that offer maximum security and a transparent user experience — all with the goal of keeping users’ personal information safe.”
Mark Risher, senior director of product management at Google, added to Knight’s statement, saying, “We look forward to making FIDO-based technology available across Chrome, ChromeOS, Android and other platforms, and encourage app and website developers to adopt it, so people around the world can safely move away from the risk and hassle of passwords.”
The move to adopt cross industry passwordless logins, however, will presumably take some time. This would require compatibility to the tune of any Microsoft service, for instance, working seamlessly with Apple’s biometric authentication on iPhones. The companies state that they expect the changes to take effect by the end of this year, so you may start seeing common login standards being offered for your passwords to be bypassed by end-2022 itself.