Tech giants Google, Microsoft and Apple have backed a push for scrapping password logins to establish a more secure sign-in process across digital platforms.
The new login standard, developed by the FIDO Alliance and the World Wide Web Consortium, would enable users to sign-in to devices and online platforms more seamlessly and securely.
Password laziness and the use of default or weak passwords is recognised by law enforcement agencies as one of the biggest facilitators of organised crime.
The elimination of online passwords altogether could come as early as this year and would significantly reduce the risk of hacking and online identity theft, experts say.
“Working with the industry to establish new, more secure sign-in methods that offer better protection and eliminate the vulnerabilities of passwords is central to our commitment to building products that offer maximum security and a transparent user experience – all with the goal of keeping users’ personal information safe,” Apple senior director Kurt Knight said.
Passwordless logins would enable users to sign-in at the press of a button by verifying their fingerprint, face, or a device PIN, which is a safer and more convenient alternative to the current two-factor authentication methods.
“The complete shift to a passwordless world will begin with consumers making it a natural part of their lives,” corporate vice president at Microsoft Alex Simons said.
“Any viable solution must be safer, easier, and faster than the passwords and legacy multi-factor authentication methods used today.”
The push for more secure logins comes amid a rise in cybercrime across Australia.
The Australian Cyber Security Centre recorded 67,500 cybercrime reports in 2021, up nearly 13 per cent from the previous financial year.
Fraud, online shopping scams and online banking scams were the top reported cybercrime types and self-reported losses from cybercrime total more than $33 billion, according to the ACSC’s latest annual cyber threat report.
“This milestone is a testament to the collaborative work being done across the industry to increase protection and eliminate outdated password-based authentication,” Google senior director Mark Risher said.
Mibenge Nsenduluka
(Australian Associated Press)