W3C approves WebAuthn as the official standard: Has the password died on the web?
With WebAuthn that has become an official standard, the password could have counted hours. Of course, it will take some time to see the passwords disappear as an authentication system, the announcement represents a first step in this direction.
Generations that have not grown on bread and the Internet often struggle to become familiar with concepts such as ” login credentials ” or ” passwords “, and all the more do not understand the importance of using unassailable methods for online security.
The password is a fallible method, as well as a little frustrating, to gain access to a service, but soon the web could completely change face thanks to the approval of the WebAuthn standard by the World Web Consortium ( W3C).
Announced last year, WebAuthn (Web Authentication) is a technology already supported by different browsers such as Chrome, Firefox, Edge and Safari. Web services may already use it, but the announcement by the W3C as the official web standard will have a fundamental impact with regards to individual adoption on websites. Basically, WebAuthn is an API that allows various services to communicate with a security hardware device which in turn allows to log-in.
The device can be a personal FIDO security key, or a single USB device to be inserted on the device to get access to compatible services, or even a more advanced biometric system that includes an additional security layer. The important part to know is that WebAuthn is a safer (and also simple) method to use compared to traditional passwords, especially considering that a good part of users continues to use ” weak “ credentials that are easy to conquer.
Now that the standard has been approved by the W3C, the next step for its spread is the integration on the websites. Some of the most famous services already use it: among the first to implement WebAuthn was Dropbox last year, and Microsoft arrived shortly after.
However, the password will continue for several years to be the most usual system for authentication on websites, this is clear after today’s announcement, WebAuthn is configured even more as a viable and in some ways more valid alternative.