Apple, Google, And Microsoft May Soon Implement Passwordless Sign-In Across Their Platforms
Apple, Google, and Microsoft announced that they have jointly committed to building support for passwordless sign-in across all of the mobile, desktop, and browser platforms that they control in the coming year.
"Just as we design our products to be intuitive and capable, we also design them to be private and secure," conveyed Kurt Knight, senior director of platform product marketing at Apple.
READ: Windows 11 Will Obtain New Touch Gestures, Start Menu Folders, And More
"Working with the industry to establish new, more secure sign-in methods that offer better protection and eliminate the vulnerabilities of passwords is central to our commitment to building products that offer maximum security and a transparent user experience - all with the goal of keeping users' personal information safe," he added.
Through a passwordless login method, users will select their phones as the main authentication device for apps, websites, and other digital services, according to a Google blog post. Unlocking the phone by its security passcode (such as PIN, pattern, or fingerprint) will be enough to sign in to web services without the need to ever enter a password again. This process makes use of a unique cryptographic token called a passkey that is shared between the phone and the website.
The envisioned idea is that users will benefit from both simplicity and security by making all logins rely on a physical device. Without a password, it'll no longer be necessary to remember login details across services or compromise security by reusing the same password for multiple sites.
A passwordless system will also make it much more difficult for hackers to compromise login details remotely since signing in requires access to a user's physical device. Theoretically, phishing attacks where users are directed to a fake website for password capture will likewise be much harder to implement.
READ: Google's Newest Nest Cameras Can Now Coordinate With Amazon Alexa
Vasu Jakkal, Microsoft's vice president for security, compliance, identity, and privacy, highlighted the degree of compatibility across platforms:
"With passkeys on your mobile device, you're able to sign in to an app or service on nearly any device, regardless of the platform or browser the device is running," Jakkal said in an emailed statement. "For example, users can sign-in on a Google Chrome browser that's running on Microsoft Windows-using a passkey on an Apple device."
Cross-platform compatibility is being made possible by a standard called FIDO. It uses the principles of public key cryptography to enable passwordless authentication and multi-factor authentication in a range of contexts. For example, a user's phone can store a unique FIDO-compliant passkey and will share it with a website for authentication only when the phone is unlocked. Passkeys can also be easily synced to a new device from cloud backup in the event that a phone is lost, details the post from Google.
Tech giants Apple, Google, and Microsoft have all said that they are expecting the new sign-in capabilities to become available across platforms in the following year. A specific roadmap has not yet been announced. The initiative to do away with passwords had been around for years. With this collaboration among tech companies, it may finally soon succeed.
