Keeping this in mind, Apple has decided to move away from password authentication alone for its users and towards more secure forms of logins. Apple has joined FIDO or Fast Identity Online; an organization launched to reduce users’ over-reliance on passwords for security.
The FIDO Alliance was started in 2013 by companies like PayPal and Lenovo to combat security breaches due to the overuse of passwords and to upgrade the security standards. It wants to develop a technical system of authentication that is applicable across platforms, websites and apps. “Based on free and open standards from the FIDO Alliance, FIDO Authentication enables password-only logins to be replaced with secure and fast login experiences across websites and apps,” says the FIDO website
The alliance has Google, Microsoft, Intel and Samsung as members.. Apple’s entry into the alliance, albeit a bit late, is being welcomed by all. With Apple on board, many other companies will be more open to the agenda of FIDO for higher standards of authentication and security by all major tech companies and vendors.
Apple Joins FIDO Alliance
It is surprising that Apple decided to join the alliance so late as the Cupertino giant has already incorporated Face ID and Touch ID on some of its gadgets.
Apple’s iOS 13.3 upgrade in December allowed the use of security keys with Apple’s Safari browser. iOS 13.3 supports NFC, USB, and Lightning FIDO2-compliant security keys in Safari.
Physical security keys like Yubico’s iPhone compatible YubiKey 5Ci are now usable on Apple devices, but one needs an app to manage it.
Security keys are a convenient form of authentication as one needs just to plug it into the device. This will prevent any phishing and hacking attempts, although the downside is that one can lose them as any other key and at the moment compatibility for it is low.
FIDO for Password-free Authentication
FIDO is working towards a generic security tech that is user-friendly, highly secure and compatible with all major platforms and services. It wants to promote the use of a public key cryptographic “authenticator” instead of a password. Getting all major companies on board means the tech strength of all combined working towards a common goal.
ESET cybersecurity specialist Jake Moore said in a statement to Forbes, “Keeping the same level of security or increasing it while making the account more convenient for the user is a step in the right direction.
“It’s well known that passwords are still being reused across multiple accounts so if this security layer can be taken away from the user altogether, with the same security in place, we are improving the process and moving forward.”
Passwords are increasingly becoming passe with biometric authentication facial recognition, touch ID and Voice ID gaining popularity.
If you have a digital presence and navigate your life in the ether then you know almost every transaction has a gatekeeper— give a code or a password for entry to authenticate your self. Mostly, it is in the form of passwords, which are no longer considered adequate to guards your privacy. They are easily hackable( the advanced algorithms make it easy to gauge a person’s predictability to give similar passwords) as people tend to repeat them. Up to 51 per cent of passwords are reused, according to FIDO. Over 80 per cent of data breaches have been due to weak passwords.
