The end of AbCdEf123 How Apple, Google and Microsoft want to get rid of the password together

0
27
passwort computer smartphone.jpg
passwort computer smartphone.jpg

Passwords are annoying and dangerous in the wrong hands. If the big tech companies have their way, that will soon be over.

Was the A in the front big or small? And the hyphen at the very end? Was there anything else? If you really want to meet all the requirements for a secure password, it becomes almost impossible to remember the access data for all online services. If Apple, Google and Microsoft have their way, that will soon no longer be necessary either: the tech giants are working together on the end of the password.

Of course, the alternative is not a world where everyone has access to everything. Instead, the three companies announce in a blogpost that they are working together to implement a new, now password-free way of authentication.

 

 

Control yes, password no

This should succeed via trustworthy devices. The smartphone is thus becoming the key to all devices, explains Google in another blog post. If you unlock your phone – for example with a pin code or biometric methods such as face recognition – a so-called passkey is also activated. This specially encrypted token stored on the smartphone can then be used to log into other services – without ever having to enter a password there.

The idea behind it is obvious: Users can log in securely without having to remember passwords that are often far too complex. And then do without common, but also very insecure practices such as recycling passwords. At the same time, unauthorized access is becoming more difficult: hackers can no longer simply fish for passwords and then log on to other devices. Instead, they suddenly need access to a physical key – the smartphone.

If the user again loses his device, this is not the end of his log-ins. When setting up a new device with your own apps and data, you should also transfer the tokens via cloud synchronization.

SEE ALSO  With this trick you can search and find files in Google Drive, even if it is not yours. This is how I discovered a lot of books

High chance of success

The approach is reminiscent of methods that are already commonplace in two-factor authentication. If you log in on a new device or a website, you have to allow it on trusted devices. The FIDO standard used by the three is already supported by many apps, but has to be activated there so far. With the approach now planned, this step is no longer necessary. The smartphone then offers to log in without a password the first time you visit a page. And from then on, refrain from doing so on every subsequent visit.

The chances of the new approach catching on are good. With iOS, Android and Windows as well as the browsers Chrome, Safari and Edge, the three companies provide both the most important operating systems and the most important browsers used on them. If a user switches to the new system, the chances are very high that it will work on all of the devices and Internet services used there. “You can then use an iOS device to log into the Chrome browser on a Windows computer,” says Microsoft Vice President Vasu Jakkal, explaining the benefits of the collaboration.

But users still have to be patient. Apple, Amazon and Google have announced that they will slowly roll out the function by the end of next year. But the days of the password are probably numbered.

Source: blog post