Despite exciting progress toward more secure and usable factors, the best MFA mechanism for consumers really isn’t MFA at all — it’s passkeys. Passkeys are a FIDO authenticator with the advantage of being backed up to the cloud, so if you lose your device or buy a new one, all you must do is sign into your iCloud or Google Play account to recover your passkeys. Passkeys use public key cryptography and device biometrics, making them resistant to many known attacks, and are easy for the user.


More

Engadget: The web just got an official password-free login standard

Web Authentication (aka WebAuthn) has been a de facto standard for no-password web sign-ins for…

Read More →

CNET: Google looks to leave passwords behind for a billion Android devices

Unveiled at Mobile World Congress in Barcelona: Android passwords could one day go the way…

Read More →

The Verge: The latest Android devices now let you log into apps without requiring a password

Here’s a good reason to update to your latest version of Google Play Services: The…

Read More →