Apple, Google and Microsoft are expanding support for the FIDO passwordless sign-in standard across devices and platforms to boost user security further.
- Tech giants Apple, Google and Microsoft have announced bringing expanded support for a common passwordless sign-in standard created by the FIDO Alliance and the World Wide Web Consortium.
- The companies want to make passwordless sign‑in in apps and on websites more widely available to people across their devices and platforms.
- The sign-in experience should be “radically more secure” than passwords and legacy multi-factor technologies. like codes sent via SMS.
Apple, Google and Microsoft commit to expanded FIDO support
As a result of the initiative, websites and apps will be able to offer an end-to-end passwordless option. You’ve heard about end-to-end encryption, but what’s this end-to-end passwordless option? Well, this will allow you to use your device’s biometric features to sign in to apps and websites instead of having to use the password autofill feature, which is slower. You may have seen something similar on the Apple ID website: If you attempt to log in at appleid.apple.com with Safari on your iPhone, you will be offered to sign in by scanning your face/fingerprint or typing your device PIN. The companies claim this helps shield the user from phishing attacks.
From the announcement in the Apple Newsroom:
Password-only authentication is one of the biggest security problems on the web, and managing so many passwords is cumbersome for consumers, which often leads consumers to reuse the same ones across services. This practice can lead to costly account takeovers, data breachesn and even stolen identities. While password managers and legacy forms of two-factor authentication offer incremental improvements, there has been industry-wide collaboration to create sign-in technology that is more convenient and more secure.
Apple, Google and Microsoft are now building expanded Fast Identity Online (FIDO) support into their respective devices and operating systems. The current standard requires that the user sign in to each website or app with each device before they can use passwordless functionality. This will change to let you automatically access your FIDO sign-in credentials across devices without having to reenroll every account. One of the improvements will make it possible to use FIDO authentication on your iPhone to sign in to an app or website on a nearby iPad or Windows PC.
These new capabilities are expected to become available across Apple, Google, and Microsoft platforms over the course of the coming year. Apple will preview updates to its platforms at WWDC21 in June, and we expect it to share more news regarding expanded FIDO support coming to its platforms. For those wondering, iOS 15.4 includes basic support for this technology on the iPad and Mac with an iPhone and a saved passkey. Read: How to add secure notes to your saved passwords