IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Apple, Google, Microsoft expand their support for password-less sign-ins

New approach promises to offer “simpler, stronger authentication” across leading platforms to help protect users from malicious activity

A blue fingerprint on a glass surface

Apple, Google and Microsoft are expanding support for a common password-less sign-in standard created by the FIDO Alliance and World Wide Web Consortium.

The FIDO Alliance said the move will allow websites and apps to offer consistent, secure, and easy password-free sign-ins to users across devices and platforms.

The expanded FIDO Standard will give websites and apps the ability to offer an end-to-end password-less sign-in option, enabling users to sign in through the same action they use to unlock their devices – such as a fingerprint, face verification or device PIN.

The new capabilities are expected to be implemented across Apple, Google, and Microsoft platforms over the course of this year. FIDO said this new approach will provide better protection over legacy multi-factor authentication to better protect against malicious attacks such as phishing.

“‘Simpler, stronger authentication’ is not just FIDO Alliance’s tagline — it also has been a guiding principle for our specifications and deployment guidelines,” commented Andrew Shikiar, executive director and CMO of the FIDO Alliance.

“Ubiquity and usability are critical to seeing multi-factor authentication adopted at scale, and we applaud Apple, Google, and Microsoft for helping make this objective a reality by committing to support this user-friendly innovation in their platforms and products.”

Password-only authentications is recognised as one of the biggest security issues on the internet today. With consumers requiring so many passwords in the modern landscape, many will often reuse the same ones across different platforms to help keep things simple.

However, this can make them more vulnerable to account takeovers, data breaches and, in the more extreme cases, even stolen identities.

To help create the new password-less sign-in standards, hundreds of tech companies and service providers from around the world have pulled together to get things in shape.

Related Resource

Security awareness training strategies for account takeover protection

Why you need an inside-the-perimeter strategy for internal threats

Security awareness training strategies for account takeover protection - whitepaper from MimecastFree download

Many platforms already support FIDO Alliance standards, but previous implementations require users to sign in to each website or app with each device before they can use passwordless functionality.

With this announcement, users will now be able to automatically access their FIDO sign-in credentials on many of their devices without needing to re-enroll every account. They’ll also be able to use the FIDO authentication on their mobile device to sign in to an app or website on a nearby device, regardless of OS.

“This new capability stands to usher in a new wave of low-friction FIDO implementations alongside the ongoing and growing utilization of security keys — giving service providers a full range of options for deploying modern, phishing-resistant authentication,” Shikiar added.

Featured Resources

Accelerating AI modernisation with data infrastructure

Generate business value from your AI initiatives

Free Download

Recommendations for managing AI risks

Integrate your external AI tool findings into your broader security programs

Free Download

Modernise your legacy databases in the cloud

An introduction to cloud databases

Free Download

Powering through to innovation

IT agility drive digital transformation

Free Download

Recommended

Google backs Thales' public cloud services firm
public cloud

Google backs Thales' public cloud services firm

30 Jun 2022
Google aims to court US public sector with new division
public sector

Google aims to court US public sector with new division

29 Jun 2022
Google Earth Engine open for business on Google Cloud, in corporate sustainability push
Cloud

Google Earth Engine open for business on Google Cloud, in corporate sustainability push

28 Jun 2022
Microsoft reportedly blocks Russian Windows 10 and Windows 11 downloads
Microsoft Windows

Microsoft reportedly blocks Russian Windows 10 and Windows 11 downloads

20 Jun 2022

Most Popular

FCC commissioner urges Apple and Google to remove TikTok from app stores
data protection

FCC commissioner urges Apple and Google to remove TikTok from app stores

29 Jun 2022
Former Uber security chief to face fraud charges over hack coverup
data breaches

Former Uber security chief to face fraud charges over hack coverup

29 Jun 2022
Internet providers look to ease cost of living crisis with cheaper broadband
broadband

Internet providers look to ease cost of living crisis with cheaper broadband

29 Jun 2022