For those who don't know, WebAuthn is a technical standard that allows users to log into websites using biometrics, USB keys, or mobile devices and smartwatches. This effectively bypasses the need to type in user names and passwords into web services.
An advantage of this is WebAuthn means users are at less risk of having their passwords and credentials sucked up by keyloggers and snooping malware, simply because login authentication comes courtesy of hardware or physical inputs.
"Now is the time for web services and businesses to adopt WebAuthn to move beyond vulnerable passwords and help web users improve the security of their online experiences," said Jeff Jaffe, W3C CEO.
"W3C's Recommendation establishes web-wide interoperability guidance, setting consistent expectations for web users and the sites they visit. W3C is working to implement this best practice on its own site."
You may already be using WebAuthn as it's supported in Windows 10, Edge, Chrome, Android, Firefox and Safari. This means the main browsers and the largest operating system in the world support WebAuthn. All good stuff.
But the next step is getting websites to support the authentication standard, which judging by the clunkiness of some sites and a lack of adoption of the latest security protocols, could mean WebAuthn takes a while to get slipped into various web services.
Making WebAuthn an official standard might help give the adoption a kit of a kick in the rear, but don't go expecting it to become rapidly ubiquitous. µ
Some deliberately, others through stupidity
Quite the business expense
It's another quantum leap camera
Evolution, not revolution, but that's just fine