RIP Password: Web Browsers Are Starting To Kill Passwords
We all know very well that all security measures in browsers tend to fall on a single element. Itâ€™s the passwords we have to trust and the degree of protection they offer, as a classic and proven model. However, this universal truth seems to have the days counted, as web browsers are starting to kill passwords.
All security measures in browsers tend to fall on a single element. Itâ€™s the passwords we have to trust and the degree of protection they offer, as a classic and proven model.
This universal truth seems to have the days counted, with a new proposal presented by WC3 and that is now arriving at the browsers. Passwords will be passed and WebAuthn will occupy this space.
The new proposal aims to eliminate once and for all the use of passwords to access Internet sites and implement a new standard for this type of authentication.
The WebAuthn was finally presented in a mature enough state to be finally implemented in the next versions of Chrome and Firefox. This will be the API that will revolutionize the authentications, resorting to a new model.
In practice, passwords authentications will be replaced by new, more secure forms that depend on fingerprint, iris reading or a simple PIN. These methods and new authentications will be stored in services in the same way as passwords.
This API will register the authentications in the different services, being able to be used in the same way as the current passwords. The difference is in their security, higher, and more prepared to ensure the security of the authentication mechanisms.
It is too early to see WebAuthn in authentication, although it is already present. Companies like the tech giant Google and Mozilla are preparing to introduce them as default in their browsers. Chrome 67 and Firefox 60 are expected to have these natively active mechanisms already present. On the tech giant Appleâ€™s Safari side there are still no drives, and itâ€™s expected to be available soon.
It has gone a long way towards eliminating traditional and more than spending authentication mechanisms based on passwords. The change seems to come with WebAuthn and with what has been designed over the past 2 years.
So, what do you think about this? Simply share all your views and thoughts in the comment section below.