Öppna din telefon och du kan också nå dina sidor på nätet, utan lösenord. Detta är den lösning Apple, Google och Microsoft presenterar idag.
»The expanded standards-based capabilities will give websites and apps the ability to offer an end-to-end passwordless option. Users will sign in through the same action that they take multiple times each day to unlock their devices, such as a simple verification of their fingerprint or face, or a device PIN. This new approach protects against phishing and sign-in will be radically more secure when compared to passwords and legacy multi-factor technologies such as one-time passcodes sent over SMS.«
The Hacker News:
»The new Fast IDentity Online (FIDO) sign-in system does away with passwords entirely in favor of displaying a prompt asking a user to unlock the phone when signing into a website or an application.
This is made possible by storing a cryptographically secured FIDO credential called a passkey on the phone that’s used to log in to the online account after unlocking the device.
”Once you’ve done this, you won’t need your phone again and you can sign-in by just unlocking your computer,” Google said.
”Even if you lose your phone, your passkeys will securely sync to your new phone from cloud backup, allowing you to pick up right where your old device left off.”«
Det skall bli intressant att se hur detta kommer att fungera i praktiken, till exempel vid inloggning på delade enheter.
• Apple: Apple, Google, and Microsoft commit to expanded support for FIDO standard to accelerate availability of passwordless sign‑ins »
• The Hacker News: Google to Add Passwordless Authentication Support to Android and Chrome »