Significant development? The FIDO Alliance that aims to remove the need for passwords, signs Apple as new board member
The drive to eliminate the need for passwords gained a significant boost last week when Apple signed up as a board member.
The Fast IDentity Online (FIDO) Alliance aims to establish online standards for two-factor and biometric authentication, and in 2014 it issued the first draft of its technical specifications.
In 2018 major browsers came onboard when the World Wide Web Consortium (W3C) standards body joined up when it assigned the FIDO Alliance’s Web Authentication (WebAuthn) standard to Candidate Recommendation (CR) status, the stage before final approval.
Essentially, the FIDO Alliance aims to establish a common way for products and service providers to exchange authentication information, allowing customers to use a smartphone, USB token or some other device as security token.
If developers widely adopt the specification, it could allow consumers and workers to reduce their reliance on passwords.
Other board-level members include Amazon, ARM, Facebook, Google, Intel, Lenovo, Microsoft, and Samsung.
Security experts have long said that passwords are not an ideal solution in today’s environment, where the need to properly authenticate people and devices remains a top priority.
Last April, the National Cyber Security (NCSC) revealed the most hackable passwords that people are still using today.
It found that the top ranking passwords used are names of football teams (i.e liverpool), musicians (blink182), and fictional characters (superman).
But 23.2 million people still use “123456” as their password. 7.7 million people use “123456789” and 3.6 million people use “password” as their password.
However, before the FIDO approach can be used, there is still more work to do, as its approach will require every website to sign up.
It remains to be seen whether Apple joining the alliance will accelerate uptake.
Do you know all about security? Try our quiz!