本周一，万维网联盟（World Wide Web Consortium）和线上快速身份验证联盟（FIDO Alliance）宣布WebAuthn成为官方认可的网络标准，在淘汰密码上迈出了一大步。WebAuthn是网络身份验证（Web Authentication）的缩写，它可以让用户通过生物特征技术，例如指纹和面部识别，或安全密钥，或智能手机、智能手表等设备进行登录，从而淘汰密码。
Passwords are problematic, whether it’s constantly having to change them due to a hack, resetting them, and even just remembering a unique password for the 130 accounts the average user has registered to their email address.
The Worldwide Web Consortium and the FIDO Alliance took a big step toward killing the password on Monday when they announced WebAuthn, which is short for Web Authentication, is now an official web standard. The login format kills the password in favor of letting people log in using biometrics, such as fingerprints, and facial recognition, or through security keys, and devices such as smartphones, and smartwatches.
Aside from the ease of not having to remember or enter a password, the new login standard also has some major security benefits, according to the Worldwide Web Consortium. Login keys, such as FIDO2, are are unique to a specific site. If a person chooses to login using their face or fingerprint, that information is only stored on their device, and never stays on a server. Additionally, those unique credentials could help prevent companies from following users around the Internet and tracking their every move.
WebAuthn is already supported by most popular browsers, including Google Chrome, Microsoft Edge, Apple’s Safari, and Firefox. Its official approval paves the way for more sites to integrate it as a standard login option. Dropbox and MIcrosoft were both early adopters that announced support for WebAuthn last year.
While the password isn’t going to the tech graveyard in the near future, the announcement on Monday was mostly a warning sign that its reaching the end of its time as the most trustworthy and safe Internet security credential.