Soon, you'll need to remember one less password. Google, Apple and Microsoft are expanding passwordless sign-in capabilities across phones, desktops and browsers, the companies announced in a joint blog post on Thursday.
The companies committed to implementing passwordless authentication across devices in the coming year, supporting a standard created by the FIDO Alliance and the World Wide Web Consortium. In a separate blog post, Google said users would unlock their phones to sign into websites or apps. The FIDO Alliance, an industry organization that promotes the use of authentication over passwords, said in its announcement of the new efforts that password-only authentication is "one of the biggest security problems on the web," leading to data breaches, account takeovers and stolen identities.
“Working with the industry to establish new, more secure sign-in methods that offer better protection and eliminate the vulnerabilities of passwords is central to our commitment to building products that offer maximum security and a transparent user experience — all with the goal of keeping users’ personal information safe," Kurt Knight, Apple’s senior director of Platform Product Marketing, said in a statement.
FIDO's standards are based on public key cryptography, or systems using pairs of keys to gain access to accounts or devices. Passwordless access can include the use of a security key, fingerprinting or voice or facial recognition for multifactor authentication. According to the organization, passwords are the root of more than 80% of data breaches, because people reuse their passwords.
Though several applications already use FIDO standards, many require an initial sign-in that leaves users vulnerable to security breaches. But Google told The Verge that new procedures will eliminate the need for a password.
“For Google, it represents nearly a decade of work we’ve done alongside FIDO, as part of our continued innovation towards a passwordless future," Mark Risher, senior director of Product Management at Google, said in a statement. "We look forward to making FIDO-based technology available across Chrome, ChromeOS, Android and other platforms, and encourage app and website developers to adopt it, so people around the world can safely move away from the risk and hassle of passwords.”