How Google plans to kill off the password

The latest update from Google spells the end of the ‘password’ over the next decade.

How Google plans to kill off the password

Google is looking to make the internet a safer and far more secure place for all users. The latest update from Google spells the end of the ‘password’ over the next decade.

Android last month received certification to run the FIDO2 authorisation standard. Instead of using passwords, Android users will soon be able to sign in with the face or fingerprint reader on their device. Furthermore, FIDO2 supports hardware-based security keys that can be plugged into a PC’s USB port to authorise and unlock accounts without a password.

“The important, often overlooked, part of this technology is actually not allow users to use biometrics to sign in, but rather moving authentication from a ‘shared secret’ model – in which both you and the service you’re interacting with needs to know some ‘secret’ like your password – to an ‘asymmetric’ model where you only need to prove that you know a secret, but the remote service doesn’t actually get to know the secret itself”, said Google identity and security product manager Christiaan Brand in a statement.

The main benefit of FIDO2 authorisation is that it absolves websites of liability and places the security of your account solely in your keeping. With more than a billion passwords having been hacked over the past decade, the introduction of this new authorisation standard could significantly decrease online fraud.

Since this article was published, the World Wide Web Consortium (W3C) has also approved a new authorisation standard named WebAuthn. At its core, WebAuthn is a plugin that allows websites to implement software that will communicate with a security device (similar to the FIDO2) to login to the website.

Will you feel safer using your fingerprint or face as your password manager in your smart device?

RELATED ARTICLES





    COMMENTS

    To make a comment, please register or login
    Priscilla
    26th Mar 2019
    11:30am
    What is stop hackers/scammers from getting access to your fingerprint? I have no faith in the ability of the system to keep people safe/secure from being hacked.
    MICK
    26th Mar 2019
    12:14pm
    Quite so. A fingerprint is nothing more than a set of digital bytes so that will be the way technology moves.
    An IT friend of mine has a dongle with this stored and this is apparently encrypted so that it bypasses his computer and connects directly. Not exactly sure how it works but my friend claims this is 'safe'.....whatever that means these days.
    Give it time though.
    Janus
    26th Mar 2019
    11:32am
    I already have a fingerprint device on a laptop. Works a treat until you cut your finger or have some paint on your fingertip.
    As for facial, as you get older, or tired, or change your beard/mustache, you have to change it, which is no rapid or simple task. Even your eye colour can change. Then it is back to the password to change it.

    Bloody things! Computers were meant to make life easier. FAIL!!
    Knows-a-lot
    26th Mar 2019
    11:52am
    Dumb idea. And I don't use my phone in any way except to talk to people. I use passwords - they're a pain in the arse - only on my computer.
    jackie
    26th Mar 2019
    12:04pm
    It won’t literally destroy the password because it will remain as a backup when facial recognition fails. This is currently happening with iPhone, CBA, PayPal and other Ap users. Yes I think it’s good. Some security devices use facial recognition too.
    V1K1
    26th Mar 2019
    3:16pm
    My computer uses facial recognition. It doesn't work when I wash my hair and I have my hair in a towel.
    jackie
    26th Mar 2019
    3:42pm
    V1K1....That is the reason why you still have a password as a backup. My past work had a clock on device where you had to thumb on. It never worked for me but it did for others therefore, I had to key in a password.
    KSS
    27th Mar 2019
    6:48am
    My mobile ready uses fingerprint log in but interestingly after a few uses it then asks for a ID code (password) to check you are you.

    We have all been moved to laptop computers at work and these also have fingerprint plus code as logins. So its not coming, its already here.
    jackie
    27th Mar 2019
    1:24pm
    KSS...Yes, it's already here but not yet with Google.


    Join YOURLifeChoices, it’s free

    • Receive our daily enewsletter
    • Enter competitions
    • Comment on articles