Tuesday, May 17, 2022

Apple, Microsoft, Google expand support for passwordless sign-in

In an effort to bury passwords, Google, Microsoft, and Apple are expanding support for a common passwordless sign-in standard created by the FIDO Alliance and the World Wide Web Consortium. The FIDO Alliance promotes the development of standards for authentication and device attestation. FIDO is short for Fast Identity Online.

The companies said Thursday the new capability will allow websites and apps that enable the function to offer consistent, secure, and easy passwordless sign-ins to consumers across devices and platforms.

The new approach, which involves the storage of a credential or passkey on a smartphone,  “will be radically more secure when compared to passwords and legacy multi-factor technologies such as one-time passcodes sent over SMS,” the FIDO Alliance said in a statement.

Image collage of password free devices
This Google graphic shows how a popup will appear when a user wants to log into a website using passkey authorization

Google, Microsoft, and Apple platforms already support FIDO Alliance standards to enable passwordless sign-in on smartphones, laptops and tablets. But users have to sign in to each website or app with each device before they can use passwordless functionality. The expanded capabilities will give websites and apps the ability to offer an end-to-end passwordless option, the FIDO Alliance said in a statement.

Users will sign in as they do now, by fingerprint or face scan or with a device PIN. This capability will allow users to automatically access their FIDO sign-in credentials (referred to by some as a “passkey”) on many of their devices, even new ones, without having to re-enroll every account. It will also enable users to use FIDO authentication on their mobile device to sign in to an app or website on a nearby device, regardless of the OS platform or browser they are running.

“These multi-device FIDO credentials … represent a monumental step toward a world without passwords,” Alex Simons, vice-president of product management in Microsoft’s identity and network access division, said in a blog.

Windows users can use Windows Hello today to sign in to any site that supports passkeys,  he said. “In the near future, you’ll be able to sign in to your Microsoft account with a passkey from an Apple or Google device.”

Passwordless support for Windows 365, Azure Virtual Desktop, and Virtual Desktop Infrastructure is in preview with Windows 11 Insiders, he added, and is on the way for Windows 10.

Google said it plans to implement passwordless support for FIDO Sign-in standards in the Android operating system and Chrome browser.

Google explains that to sign into a website on a computer, a user will need their smartphone nearby. The website or app sends a verification to the phone and asks the user to unlock the phone with a biometric or PIN number for access. Even if the user loses their phone, passkeys will securely sync to a new phone from cloud backup.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication. Click this link to send me a note →

Jim Love, Chief Content Officer, IT World Canada
Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com

Related Tech News

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.