Some of the most popular Web browsers are trying to kill your passwords.
Internet standards organizations the FIDO Alliance and W3C have launched a new specification that allows Web browsers and websites to support biometric encryption methods in place of passwords. The specification, called WebAuthn, is an application programming interface (API) that Web developers can integrate into their websites and allow fingerprint readers and even face scanners like Apple’s Face ID to verify a person’s identity.
According to Engadget, which earlier reported on WebAuthn, Firefox already works with the technology. Google’s Chrome and Microsoft Edge are slated to add support for WebAuthn within the next few months. Apple, which operates its Safari browser, has yet to announce support for WebAuthn.
The move could technically create a more secure Internet. As the rash of hacks, scams, and data breaches have shown over the last several years, passwords alone are not necessarily a suitable safeguard for data. Companies have moved to two-factor authentication, which requires users to input a code sent to their smartphones in addition to a password to verify their authenticity, but that still isn’t as secure as biometrics.
Get Data Sheet, Coins2Day’s technology newsletter
At its iPhone unveiling in September last year, Apple talked in detail about biometric security. The company said that its Touch ID fingerprint scanner could be duped in 1 in 50,000 cases. That jumped to 1 in 1 million cases with its Face ID face scanner. Either way, that’s better than a simple password.
Still, passwords aren’t dying anytime soon. While WebAuthn has officially launched, it’s still considered a “recommendation” and could be modified before it becomes a standard. The recommendation paves the way for websites and browsers to support alternatives to passwords, but now the onus is on website owners and browser companies to support it.