Google plans to kill the password

Google is looking to make the internet a safer and far more secure place for all users. The latest update from Google spells the end of the ‘password’ over the next decade.

Android last month received certification to run the FIDO2 authorisation standard. Instead of using passwords, Android users will soon be able to sign in with the face or fingerprint reader on their device. Furthermore, FIDO2 supports hardware-based security keys that can be plugged into a PC’s USB port to authorise and unlock accounts without a password.

“The important, often overlooked, part of this technology is actually not allow users to use biometrics to sign in, but rather moving authentication from a ‘shared secret’ model – in which both you and the service you’re interacting with needs to know some ‘secret’ like your password – to an ‘asymmetric’ model where you only need to prove that you know a secret, but the remote service doesn’t actually get to know the secret itself”, said Google identity and security product manager Christiaan Brand in a statement.

The main benefit of FIDO2 authorisation is that it absolves websites of liability and places the security of your account solely in your keeping. With more than a billion passwords having been hacked over the past decade, the introduction of this new authorisation standard could significantly decrease online fraud.

Since this article was published, the World Wide Web Consortium (W3C) has also approved a new authorisation standard named WebAuthn. At its core, WebAuthn is a plugin that allows websites to implement software that will communicate with a security device (similar to the FIDO2) to login to the website.

Will you feel safer using your fingerprint or face as your password manager in your smart device?

Related articles:
Best password managers
One billion passwords stolen
Time to rethink your password

Written by Drew

Starting out as a week of work experience in 2005 while studying his Bachelor of Business at Swinburne University, Drew has never left his post and has been with the company ever since, working on the websites digital needs. Drew has a passion for all things technology which is only rivalled for his love of all things sport (watching, not playing).


Best password managers

We've found five of the best password managers to help you keep your digital world secure.

One billion passwords stolen

A Russian gang has stolen over one billion usernames and passwords.

Why your ‘strong’ password isn’t really that strong

Experts abandon old advice and recommend a new tip to keep your data safe.