Apple, Microsoft, and Google have announced that they are working together on the development of passwordless sign-ins across all devices. Announced during World Password Day on May 5, this means that users will in the near future use passwordless authentication across Android and iOS operating systems; Chrome, Edge, and Safari browsers; and the Windows and macOS desktop versions.
Just as we design our products to be intuitive and capable, we also design them to be private and secure,” said Kurt Knight, senior director of platform product marketing at Apple.
“Working with the industry to establish new, more secure sign-in methods that offer better protection and eliminate the vulnerabilities of passwords is central to our commitment to building products that offer maximum security and a transparent user experience — all with the goal of keeping users’ personal information safe.”
According to Google, passwordless logins allow you to choose your mobile devices as your main authentication tool for apps, websites, and other digital devices. You can log into the services by entering a PIN, drawing a pattern, or using your fingerprint to unlock, without having to enter passwords. You will be able to sign in to the services through a unique cryptographic token called a passkey between the phone and the website
Passwordless logins are designed to ensure that the process is simple and secure, without users having to cram several login details or reusing the same passwords, compromising their security in the process while also making it difficult for hackers to access your information as they would have to have your device at hand to access any of the web services.
Microsoft’s Vice President for security, compliance, identity, and privacy Vasu Jakkal emphasized the need for interoperability of the feature across all platforms.
“With passkeys on your mobile device, you’re able to sign in to an app or service on nearly any device, regardless of the platform or browser the device is running,” Jakkal said in an emailed statement.
“For example, users can sign-in on a Google Chrome browser that’s running on Microsoft Windows, using a passkey on an Apple device.”
According to the Verge, the cross-platform feature is enabled via the FIDO standard, which uses public-key cryptography principles to provide passwordless login and multi-factor authentication in a variety of situations. When a user’s phone is unlocked, it can store a unique FIDO-compliant passkey and share it with a website for authentication. Passkeys may also be simply synchronized to a new device from cloud backup in the event that a phone is misplaced, according to Google’s website.
“This extended FIDO support being announced today will make it possible for websites to implement, for the first time, an end-to-end passwordless experience with phishing-resistant security,” said Srinivas.
“This includes both the first sign-in to a website and repeat logins. When passkey support becomes available across the industry in 2022 and 2023, we’ll finally have the internet platform for a truly passwordless future.”
Apple, Google, and Microsoft said the passwordless login features could be rolled out across all their platforms sometime next year.