W3C Approved WebAuthn, Era Of Passwords Is About To End
Login details are the traditional way of operating a website to access certain lock features or use them completely like social media. User ID and password linked to your phone or mobile account act as a user’s identity to enter the restricted region and many of us don’t have a habit of using a strong password. To tackle age-old standards, W3C has approved WebAuthn a new way of login into sites that use advanced biometric to authenticate users on websites.
It is also true as a user once you lost password it might take hours to recover, through WebAuthn in coming time typing password will be discontinued as popular browsers and the app will use the platform to identify users identity without the need of manually typing login details. Embedded with biometric features ample of smartphones can adopt this really fast.
World Wide Web Consortium takes WebAuthn as new standards to replace password. It is supported by a popular web browser like Chrome, Firefox, Edge, and Safari. Using an API, Web Authn will allow websites to connect with security devices that will help users to log in for example FIDO Security Key or connecting with the smartphone through Bluetooth or NFC for 2 Factor Authentication.
Now is the time for web services and businesses to adopt WebAuthn to move beyond vulnerable passwords and help web users improve the security of their online experiences,” said Jeff Jaffe, W3C CEO. “W3C’s Recommendation establishes web-wide interoperability guidance, setting consistent expectations for web users and the sites they visit. W3C is working to implement this best practice on its own site.
Around 81% of data breaches occur due to weak or default passwords, also it consumes an average of 10.9 hours per year to enter and reset a password. These results to a cost of $5.2 Million annually, SMS based 2 Factor authentication are still vulnerable to phishing attacks plus carry carrier charges.
Web Authentication as an official web standard is the pinnacle of many years of industry collaboration to develop a practical solution for stronger authentication on the web,” said Brett McDowell, executive director of the FIDO Alliance. “With this milestone, we’re moving into a new era of ubiquitous, hardware-backed FIDO Authentication protection for everyone using the internet.
Source: W3 Org