WebAuthn Becomes an Official Web Standard, Will Help You Say Goodbye to Passwords
HIGHLIGHTS
*W3C has announced that WebAuthn is now an open web standard
*The standard enables password-free logins on the web
*Most popular web browsers have already added support for WebAuthn
Do you hate entering passwords to log into websites all the time? Well, you're not alone. Things are about to change now with the World Wide Web Consortium (W3C) officially declaring the Web Authentication API (WebAuthn) as a Web standard. In simple terms, the standard enables password-free logins on websites. The standard was initially announced back in 2015. It is now supported by W3C's contributors, which include Apple, Google, Microsoft, Intel, IBM, Mozilla, and others. Dropbox was the first to integrate WebAuthn, followed by Microsoft.
WebAuthn will allow users to log into websites using their biometrics, mobiles, or FIDO security keys. The standard is also supported by Android and Windows 10. Web browsers such as Google Chrome, Microsoft Edge, and Mozilla Firefox have already added support for WebAuthn while Apple's Safari is currently supporting it in preview versions.
The
announcement will further fuel the move towards a password-free Web. Passwords are vulnerable and have to be paired with multiple levels of authentication for added security.
In an official statement, W3C and FIDO Alliance said, "It's common knowledge that passwords have outlived their efficacy. Not only are stolen, weak, or default passwords behind 81 percent of data breaches, they are a drain of time and resources."
With WebAuthn becoming an open standard, a lot of Web services are expected to jump in and embrace it. The standard promises much higher security compared to using passwords alone.
WebAuthn is a core part of FIDO Alliance's FIDO2 specifications. It is a standard that aims to offer an alternative to conventional forms of authentication in various ways. FIDO2 looks to address security, convenience, privacy, and scalability.