The Briefing Room

General Category => Science, Technology and Knowledge => Computers => Topic started by: corbe on March 04, 2019, 08:17:15 pm

Title: The web just took a big step toward a password-free future
Post by: corbe on March 04, 2019, 08:17:15 pm

The web just took a big step toward a password-free future

WebAuthn is here to kill the password

By Jon Porter@JonPorty    Mar 4, 2019, 10:32am EST  

Today, the World Wide Web Consortium (W3C) approved WebAuthn, a new authentication standard that aims to replace the password as a way of securing your online accounts. First announced last year, WebAuthn (which stands for Web Authentication) is already supported by most browsers, including Chrome, Firefox, Edge, and Safari. Its publication as an official web standard should pave the way for wider adoption by individual websites.

At its core, WebAuthn is an API that allows websites to communicate with a security device to let a user log into their service. This security device can range from a FIDO security key that you simply plug into a USB port on your computer to a more complex biometric device that allows for an additional level of verification.

<..snip..>

https://www.theverge.com/2019/3/4/18249895/web-authentication-webauthn-world-wide-web-consortium-w3c-standard-browsers (https://www.theverge.com/2019/3/4/18249895/web-authentication-webauthn-world-wide-web-consortium-w3c-standard-browsers)

Title: Re: The web just took a big step toward a password-free future
Post by: XenaLee on March 04, 2019, 08:50:34 pm

Quote from: corbe on March 04, 2019, 08:17:15 pm

The web just took a big step toward a password-free future

WebAuthn is here to kill the password

By Jon Porter@JonPorty    Mar 4, 2019, 10:32am EST  

Today, the World Wide Web Consortium (W3C) approved WebAuthn, a new authentication standard that aims to replace the password as a way of securing your online accounts. First announced last year, WebAuthn (which stands for Web Authentication) is already supported by most browsers, including Chrome, Firefox, Edge, and Safari. Its publication as an official web standard should pave the way for wider adoption by individual websites.

At its core, WebAuthn is an API that allows websites to communicate with a security device to let a user log into their service. This security device can range from a FIDO security key that you simply plug into a USB port on your computer to a more complex biometric device that allows for an additional level of verification.

<..snip..>

https://www.theverge.com/2019/3/4/18249895/web-authentication-webauthn-world-wide-web-consortium-w3c-standard-browsers (https://www.theverge.com/2019/3/4/18249895/web-authentication-webauthn-world-wide-web-consortium-w3c-standard-browsers)

So what is the downside to this?   Any techies here care to comment?   I'm not up on the Android technology and can't speak on it.

Title: Re: The web just took a big step toward a password-free future
Post by: corbe on March 04, 2019, 08:55:01 pm

   G-D Forbid someone stealing your WebAuthn thumb drive or does it in itself require a password to unlock?

Title: Re: The web just took a big step toward a password-free future
Post by: XenaLee on March 04, 2019, 09:02:49 pm

Quote from: corbe on March 04, 2019, 08:55:01 pm

   G-D Forbid someone stealing your WebAuthn thumb drive or does it in itself require a password to unlock?

I'm sure it does.  What doesn't, these days.