Goodbye passwords? WebAuthn is now an official web standard

Advanced
2020/08/20 21:14

Today's Vocabulary

1.outlived (v) 
to live or exist longer live or exist longer
than someone or something

2. consortium (n)
an organization of several businesses or banks joining together as a group for a shared purpose 

3. breach (n)
an act of breaking a law, promise, agreement, or relationship

4. drain (n)
something that uses more of your energy, money, or time than you want to give

5. authentication (n) 
the process of proving that
something is real, true , or what people say it is

6. efficacy (n) 
the ability, especially of a medicine or a method of achieving something, to produce the intended result

7. biometrics (n)
the use of detailed information
about someone’s body, for example the patterns of colour in their eyes, in order to prove who they are

Goodbye passwords? WebAuthn is now an official web standard

WebAuthn has become an official web standard for logins, the World Wide Web Consortium and the FIDO Alliance said Monday.

“It’s common knowledge that passwords have outlived their efficacy,” the organizations wrote in a press release. “Not only are stolen, weak or default passwords behind 81 percent of data breaches, they are a drain of time and resources.”

WebAuthn, short for Web Authentication, is a browser and platform standard for simpler and stronger authentication processes, according to W3C and the FIDO Alliance. It lets users log in to their online accounts using their preferred device, biometrics or FIDO security keys.

WebAuthn is already supported in Windows 10 , Android, Google Chrome, Mozilla Firefox, Microsoft Edge and Apple Safari browsers. Now that it’s an official web standard, that should encourage wider adoption of WebAuthn instead of passwords.

Passwords are becoming less popular. Google in February said Android is FIDO2- certified, which means devices can use fingerprints and security keys for logging in to accounts instead of passwords. The change affects those running Android 7 and up, half of all Android users. That’s approximately a billion devices.

Resource: https://www.cnet.com/news/goodbye-passwords-webauthn-is-now-an-official-web-standard/

Discussion
  1. What did the article say are on the way out?
  2. How many data breaches are because of stolen, weak or default passwords?
  3. What do you think of the Web Authentication system?
  4. How secure do you think fingerprints and facial recognition are?

"Tradition is the code that keeps change in lock. If you refuse change, you are likely to rust and guess the cause; that long held way of doing things.”