WEB BROWSERS ARE set to embrace password-free logins thanks to a the WebAuthn open standard that's currently supported by Firefox and set to wing its way to Chrome and Edge.
Developed by the World Wide Web Consortium (W3C) and FIDO Alliance, WebAuthn is an API that allows developers to better implement the new FIDO2 secure login standard that uses authentication methods such as biometrics and the use of USB tokens that bypass the need to rely on passwords.
This is one move to get away from the problem of password swiping through phishing attacks and could make accessing online services easier and safer.
WebAuthn has been in the works for some time, but it set to get major browser support, though Apple has yet to make any noise about supporting the API in its Safari browser even though it is part of the alliance of companies working on the standard.
Logging into services with hardware keys is nothing new, but the method was mostly supported by big tech firms that required the use of their own drivers. With WebAuthn, this isn't the case as the method uses code from commonly available libraries.
To go alongside the rise of browser support for WebAuthn, hardware authentication company Yubico launched an upgraded version Security Key that makes public key cryptography to carry out WebAuthn and FIDO2.
The adoption of hardware authentication isn't massively common outside of organisations with strong security needs, authentication for licensed software, and the habits of people that are very cybersecurity conscious. This is probably because passwords, along with their rampant reuse, are pretty much the de facto way to log into anything on the web,
But with WebAuthn coming to browsers that could push hardware authentication into the mainstream and help go some way to killing-off bad passwords and phishing attacks. µ
It's nothing we haven't seen before, but it's still the best iPhone yet
Firm gives scanner flaw the finger
Ermine is the same but stoat-ally different
But it's bad news for UK job-seekers