There has been an alliance for some time now to find alternatives that could help replace the password as a basic means of authentication.
This alliance is called "FIDO" for "Fast Identity Online." This group is made up of big names in the digital sector such as Samsung, Google and Facebook. Their goal will be to find new systems that allow users of digital services to be identified other than the traditional password. In 2020, the Cupertino-based firm decided to finally join the Alliance founded by PayPal, Lenovo, Infineon and others in 2013.
This article will also interest you: Data security: a possible strategy without a password
A whole force in motion to be able to eliminate passwords while focusing efforts in the development of other means of identification such as fingerprint readers or facial recognition technologies. Biometric technology and multi-factor authentication will be the main attractions of this association.
The password issue has been around for a very long time. Although for a long time this protection system was useful or indispensable. The fact remains that today it has become a vulnerable system in the face of various computer attacks. Especially when you consider that a very large proportion of users of digital services tend to use the same password for virtually all services. Not to mention, on the other hand, the explosion of phishing and the expansion of brute force attacks, which today allow hackers to be able to break passwords by trying several combinations or playing with the naivety of users.
In other words, it only takes a simple vulnerability, so that the password is totally useless. And this problem is only growing with today the significant increase in connected objects that become an integral part of our daily lives. Tools that are usually produced and delivered with default passwords that the majority of users don't bother to change them once started.
That's why the FIDO alliance decided to find ways to increase protocols even more through biometric identification, which will be at the very centre of the his reflection. currently the reflections are at the dual authentication systems that will be combined with the biometric. There is also a penchant for physical key systems that are in development, although today it is possible to have the prototypes marketed to the general public. "In fact, it's all about ask the user for two things to identify themselves. Something he knows – a unique code, a username – and something he typically has a mobile phone to which it proves its identity through fingerprint sensor or facial recognition. Once this first step, it is enough to present his finger or his face to identify himself. This has the dual advantage of fluidizing user experience, while ensuring a high level of security. », explains an expert affiliated with the alliance.
But to consider such a device and deploy it in a liberal and democratic way, collaboration of all players in the digital industry, manufacturers of computer hardware, as well as platforms and publishers of computer programs is necessary. The arrival of Apple in the ranks of FIDO is something very positive, regarding its rather conservative nature. However, much more needs to be done and other players must finally decide. The ultimate goal is to have common standards.
Now access an unlimited number of passwords: