Microsoft has been working on methods for eliminating the need for passwords throughout its recent stages of Windows 10 development. Now, the company has made a major step forward in that journey. It all has to do with advancing the Web Authentication Spec (WebAuthn). Here’s what you need to know about this initiative and what it could mean for the future of passwords.
What is WebAuthn?
WebAuthn is a spec that defines a web API to enable browsers and websites to use external authenticator keys that are based on the FIDO standard. This gives users the opportunity to access an option for providing strong authentication without the use of passwords across various platforms.
What’s new with WebAuthn?
This is something that the team at Microsoft has been working on for some time now. But the new part of the equation is that the World Wide Web Consortium (W3C) just recently advanced the WebAuthn spec to Candidate Recommendation Status. So the group is saying that the technology meets its technical standards. This is an important step in the process of getting the technology distributed and adopted on a wider scale.
What’s in store for the future of WebAuthn?
Microsoft is now working with Google and Mozilla to advance the solution. WebAuthn works alongside the Client Authentication Protocol (CTAP), which defines what the protocol would be for an external security key and client device. So with that piece of the puzzle now in place, Microsoft is waiting for innovative partners like Yubico, HID, and Infineon to put together a variety of different cost-effective security key options and form factors that use the technology and allow end users to access their data without the use of passwords. The company is confident that the solution will become widely adopted at some point in the future.
Photo credit: Shutterstock