“Simpler, Stronger Authentication” is the simple but accurate motto of the FIDO (Fast Identity Online) Alliance, formed in July 2012. This motto reflects the alliance’s goal to remove the cumbersome and dated ways we currently secure our devices. Apple, Google, and Microsoft recently decided to expand support for a common sign-in standard created by the FIDO Alliance and the World Wide Web Consortium that will lead to password elimination.
Everyone knows the feeling of getting locked out of their account and having to go through the process of resetting the password. FIDO aims to eliminate this problem by creating a new standard for device security that uses biometric technology and physical security devices to create a more secure and pleasant user experience.
This article will highlight the problems with passwords as we currently use them, the solution FIDO is proposing and implementing, and the benefits of adopting their ideas that allow for password elimination.
Beyond their inherent security flaws, the main problem with passwords is obvious; they are difficult to remember. Nobody likes passwords, but for a long time, they were the only option for securing your device.
When biometric authentication was introduced into smartphones with the addition of fingerprint scanners, users were initially hesitant to adopt the new technology. Now, fingerprint scanners are commonplace. As FIDO’s implementation expands to new devices and services, the password too will feel archaic.
The difficulty of memorizing passwords creates a major security issue. People commonly use the same password for all or many of their services. This means when one account gets hacked, the hackers can access multiple accounts.
Not only are passwords difficult to memorize, but as we require security for a more diverse range of devices like smart TVs and home assistants, inputting passwords has become difficult and tedious.
For businesses selling online, users forgetting their login credentials can lead to lost sales. An alarming 58% of online shoppers have reported abandoning their shopping carts due to frustration with logging in and registering. Streamlining this process means happier customers and more sales for businesses.
FIDO functions as the solution to all of the above-mentioned problems. This protocol aims to allow you to use something you know, something you are, or something you have as your new “password”. This means you could use a pin or pattern; facial recognition or fingerprint identification; a USB security key or an NFC card. The FIDO Alliance has decided that companies that are usually competitors benefit from collaborating rather than differentiating when determining certain industry standards. Coming up with universal solutions and standards benefits both the consumer and businesses. These new capabilities aimed at password elimination are expected to become available across Apple, Google, and Microsoft platforms over the course of the coming year.
This solution means that you should be able to use your iPhone’s fingerprint scanner to unlock your windows computer and then log into your Google web browser to access your Facebook account. The intention is that everything follows the standard to make compatibility easy.
Additionally, because of the type of cryptography FIDO uses, nothing is stored on servers. This would mean no more announcements of huge email and password leaks to worry about. Without having physical access to your devices, it will be very difficult for hackers to accomplish anything. This achieves the FIDO Alliance’s goal of making it easy for the user, but difficult for the hacker.
Until these new sign-in standards are widely available and adopted, passwords will continue to be an area of security concern. A centrally controlled password management system (for both your employees’ corporate and personal credentials) is essential to dealing with the issues surrounding passwords. Reach out to us today to learn more about the benefits of our recommended solution.