Remembering passwords will be a thing of the past in 2023

One of the most annoying situations on the Internet is the appearance of the message “Wrong password”, which often forces us to restore it. Not to mention the precautions to take when choosing one of these passwords: make sure it’s complex to avoid security issues; We use a different app for each app and change it every six months. All of these inconveniences could be brought to an end if the agreement were to go ahead with the use of the FIDO standard, which would be possible to log into any device, web or application without having to memorize passwords. Instead, biometric recognition systems or NFC (contactless) technology will be used.

According to FIDO Alliance data, passwords are responsible for more than 80% of data breaches, which is not surprising, given that users have an average of 90 online accounts with identical or similar passwords.

10 years working to remove keys

The FIDO Alliance is a consortium of companies that since 2013 have aimed to remove or, at least, reduce the use of passwords as much as possible. It has a good chance of achieving this, as it is backed by dozens of technology multinationals: Meta, Google, Amazon, Intel, Microsoft, Samsung, Apple, Twitter, Sony, Huawei…

At the beginning of May, proprietary developers for the most popular operating systems (Apple, Google and Microsoft) showed themselves to be the main supporters of this proposal by announcing that they were working together to publish a common standard for passwordless logins. This assumes that FIDO will sign in to Android, Chrome, iOS, macOS, Safari, Windows, and Edge.

Biometric systems are already used by millions of devices

According to Apple’s statement, “Users will sign in with the same action they do several times a day to unlock their device, such as simple verification of their fingerprint, face, or device PIN; that is, the biometric systems already in use by millions of devices around the world.” The world will be used, such as facial, voice or fingerprint recognition, or other systems such as a security key. This new approach protects against phishing and login will be radically more secure compared to passwords and technologies such as one-time passcodes sent via SMS.” In fact, the statement by Apple, Google and Microsoft is just another step – yes, a very important one – in the progress of this long-awaited news by many, which is expected to gradually materialize from 2023.

Sampath Srinivas, director of product management and authentication at Google and president of the FIDO Alliance, explains on the Google blog that with this new technology, only the mobile phone will be needed to verify a user’s identity. When you have to log into the computer, simply unlock the phone using the usual means (such as placing your finger on the smartphone’s fingerprint reader or looking at the camera for facial recognition) and you will be given the credentials needed to access any service or website. Srinivas notes that if the phone is lost, the new phone it replaces will be synchronized with our access tokens thanks to a backup in the cloud.