Brett McDowell, Executive Director, FIDO Alliance  

World Password Day was started by FIDO Board member Intel seven years ago, and much has changed in that time. The world finally has a better call-to-action than simply changing passwords and hoping the year-over-year growth in data breaches magically reverses itself. The FIDO Alliance and the World Wide Web Consortium have announced a new authentication standard that Google, Microsoft and Mozilla have said will be built into Chrome, Edge and Firefox respectively. This new set of technologies, collectively known as FIDO2, enable websites and native apps to use on-device biometrics and/or portable security keys to free their users from a dependency on the failed “shared secret” security model of passwords and one-time-passcodes. Passwords are no longer fit for purpose, a fact highlighted in numerous studies that attribute password compromise as the root cause for the vast majority of data breaches that have taken place in recent years.  

That’s why I applaud World Password Day’s commendable focus on multi-factor authentication this year. Instead of encouraging users to change all of their online passwords – which more often than not results in easy-to-remember passwords being recycled across different accounts – website and app developers can now look to new methods of authentication that will enhance security while improving user experience.  By building to these new web standards for strong cryptographic authentication, developers can now leverage the authentication mechanisms that are already on their users’ smartphones, tablets, and computers — from fingerprint, iris, face or voice recognition, to portable hardware security keys — to improve security for their businesses and their users.

This year ‘World Password Day’ could mark the beginning of the end for “shared secrets” security on the web. But to do that, online services must accept that the humble password has outlived its efficacy and take action to learn more about FIDO2 today so that next year we can celebrate how our favorite online services have freed us from the bondage of passwords.


More

2024 FIDO Alliance Seoul Public Seminar: Unlocking a Secure Tomorrow with Passkeys

The FIDO Alliance’s Seoul Public Seminar was held on December 10, 2024, at the SK…

Read More →

Passkey Adoption Doubles in 2024: More than 15 Billion Online Accounts Can Leverage Passkeys for Faster, Safer Sign-ins

Momentum continues in Japan with notable passkey success stories and deployments from Nikkei, Tokyu, Google,…

Read More →

New Data Finds Brands are Losing Younger Customers Due to Password Pain, as Passkeys Gain Mainstream Momentum

Global FIDO Alliance study reveals latest consumer trends and attitudes towards authentication methods and their…

Read More →


12366 Next