The scale of cybersecurity threats have never been greater, and sophisticated tech defences are being deployed to meet the threat. But there’s one weakness that every organisation continues to struggle with: the ability of human beings to generate, store and remember robust passwords.
The security experts at Microsoft estimate that there are 921 password attacks per second every day. Bret Arsenault, the company’s chief information security officer, is fond of saying: “Hackers don’t break in, they log in.”
Tech companies have been looking at alternatives to passwords for decades, but things took a big step forward in May 2022, when Apple, Google and Microsoft jointly announced that they would be supporting a common sign-in standard that eradicated the need for a password.
Created by the FIDO Alliance and the World Wide Web Consortium, the standard will allow users to sign in to apps and websites using the same methods they use to unlock their mobile devices – such as fingerprints, facial recognition or device PINs.
“Cyber security isn’t easy, but it comes down to three basic principles – protect, detect, and respond.”
While these capabilities are commonplace, the standard will dramatically expand seamless sign-in across all of a user’s devices, operating systems and apps.
Look out for wider rollouts of systems like Windows Hello, Apple Passkey, and third-party solutions like Yubico. And wave goodbye to passwords.