WebAuthn is here to kill the password

Today, the World Wide Web Consortium (W3C) approved WebAuthn, a new authentication standard that aims to replace the password as a way of securing your online accounts. First announced last year, WebAuthn (which stands for Web Authentication) is already supported by most browsers, including Chrome, Firefox, Edge, and Safari. Its publication as an official web standard should pave the way for wider adoption by individual websites.

Explain.

At its core, WebAuthn is an API that allows websites to communicate with a security device to let a user log into their service. This security device can range from a FIDO security key that you simply plug into a USB port on your computer to a more complex biometric device that allows for an additional level of verification. The important thing is that WebAuthn is more secure than the weak passwords people end up using for most websites, and it’s simpler than having to remember a string of characters in the first place.

Now that the standard has been approved by the W3C, the next step is for websites to integrate the standard. Dropbox was one of the first to do so last year, and Microsoft did so soon after. The password isn’t on its last legs just yet, but after today’s announcement, WebAuthn is one step closer to being a viable alternative.

 

By Jon Porter 

This article was originally published on The Verge (www.theverge.com) and has been republished under Creative Commons