So long, passwords? Portable digital identities may replace them

Ask most people what the least favorite part of using their devices is and you’re bound to get a similar answer: passwords.

Unfortunately, the critical role that passwords currently play makes them a necessary, tedious and repetitive evil in our digital world. However, imagine a time when they won’t be needed, but you’ll still be able to log into your devices, perform secure transactions, and access your accounts with the kind of security and privacy the password concept is supposed to provide.

In fact, imagine doing all of these things in an even safer, faster, and more convenient way than you do now (and without the risk of hacks, break-ins, and other security breaches that, in 80% of cases, are caused by stolen passwords).

Social media: Elon Musk says Twitter deal is ‘temporarily suspended’ over spam count estimates

Avoid inflation: These high-tech must-haves have actually gotten cheaper

Fortunately, following a major new agreement between Apple, Google and Microsoft which ironically was announced last week on World Password Day, we are much closer to this new vision than you might think. probably think. Together, these three leading device platform vendors have agreed to expand cross-collaboration and use of a technology standard created by an industry organization called the FIDO Alliance that will ultimately rid us of the need for passwords. pass.

The idea behind the concept is simple. You basically need to provide a way to prove to your device that you are who you say you are (i.e. authenticate yourself) and create what I call a portable digital identity. Today, most of our devices are able to do this through technology such as face scanners, fingerprint readers, and other mechanisms that don’t involve passwords (although some use more pin codes). This portable digital identity, in turn, is converted into a digital key that can be used to open access to your devices, accounts, payment methods, etc.

Until this new agreement, biometric authentication, two-factor authentication (for which you receive a text code to enter) and other types of forms of identification and verification without password (or with password limited password) were available on individual devices. What was missing, however, was a way to share that portable digital identity across devices, websites, and accounts.

The news announced last week is that the big three technology leaders are working to integrate this consistent approach into their respective devices and platforms. In other words, by the end of this year, iOS, Android, Windows, macOS and Chrome devices, as well as the main browsers of these platforms, will allow you to “share” this digital identity between them. In practical terms, this means, for example, that you can log into a website on your Windows PC via your iPhone’s face scan or your Android phone’s fingerprint reader.

Now, to make it work as seamlessly as we would all like, websites and other platforms that require logins will need to add support for this FIDO Alliance authentication standard. If they don’t, you’ll still have to do things the old fashioned way with traditional connections or the methods they currently use. Fortunately, however, the W3C (World Wide Web Consortium) has been talking about FIDO support for many years now, so a number of sites already support these digital keys, and with this particular announcement, many more are expected to do so in the near term future.

Even with the evolution of automatic generators of complex passwords, more sophisticated password managers, the growth of multi-factor authentication and other security-focused mechanisms, password issues remain a huge problem. problem. The simple truth is that it’s nearly impossible for even the most diligent people to follow all the best practices for using passwords. For the rest of us, well, let’s just say we’re all digital accidents and security breaches waiting to happen. With the increasing sophistication of hackers and other digital scoundrels, the concept of even complex passwords is simply broken. That’s why this move to a world of portable, passwordless, FIDO-authenticated digital identity is so important.

As with many tech industry announcements and developments, things won’t happen overnight, but the possibility of a truly passwordless digital world finally seems to be heading towards reality. For me, I can’t wait.

USA TODAY columnist Bob O’Donnell is president and chief analyst of TECHnalysis Research, a market research and consulting firm that provides strategic consulting and market research services to the technology industry and to the professional financial community. Its customers are large technology companies such as Amazon, Microsoft, HP, Dell, Samsung and Intel. You can follow him on Twitter @bobodtech.

This article originally appeared on USA TODAY: No more passwords? We’re getting closer to wearable digital identities

Leave a Comment