In an effort to bury passwords, Google, Microsoft, and Apple are expanding support for a common passwordless sign-in standard created by the FIDO Alliance and the World Wide Web Consortium. The FIDO Alliance promotes the development of standards for authentication and device attestation. FIDO is short for Fast Identity Online.
The companies said Thursday the new capability will allow websites and apps that enable the function to offer consistent, secure, and easy passwordless sign-ins to consumers across devices and platforms.
The new approach, which involves the storage of a credential or passkey on a smartphone, “will be radically more secure when compared to passwords and legacy multi-factor technologies such as one-time passcodes sent over SMS,” the FIDO Alliance said in a statement.
Google, Microsoft, and Apple platforms already support FIDO Alliance standards to enable passwordless sign-in on smartphones, laptops and tablets. But users have to sign in to each website or app with each device before they can use passwordless functionality. The expanded capabilities will give websites and apps the ability to offer an end-to-end passwordless option, the FIDO Alliance said in a statement.
Users will sign in as they do now, by fingerprint or face scan or with a device PIN. This capability will allow users to automatically access their FIDO sign-in credentials (referred to by some as a “passkey”) on many of their devices, even new ones, without having to re-enroll every account. It will also enable users to use FIDO authentication on their mobile device to sign in to an app or website on a nearby device, regardless of the OS platform or browser they are running.
“These multi-device FIDO credentials … represent a monumental step toward a world without passwords,” Alex Simons, vice-president of product management in Microsoft’s identity and network access division, said in a blog.
Windows users can use Windows Hello today to sign in to any site that supports passkeys, he said. “In the near future, you’ll be able to sign in to your Microsoft account with a passkey from an Apple or Google device.”
Passwordless support for Windows 365, Azure Virtual Desktop, and Virtual Desktop Infrastructure is in preview with Windows 11 Insiders, he added, and is on the way for Windows 10.
Google said it plans to implement passwordless support for FIDO Sign-in standards in the Android operating system and Chrome browser.
Google explains that to sign into a website on a computer, a user will need their smartphone nearby. The website or app sends a verification to the phone and asks the user to unlock the phone with a biometric or PIN number for access. Even if the user loses their phone, passkeys will securely sync to a new phone from cloud backup.