Published on Wired | By Alyssa Foote
Password-free logins have long been the stuff of dreams for security researchers and privacy advocates.
Now, a new standard for the web called WebAuthn is being lauded as a major step forward in secure authentication, and “probably the most effective anti-phishing measure for the web that’s out there,” according to Selena Deckelmann, senior director of engineering for Mozilla Firefox. It introduces a set of rules for the web that, if adopted by popular browsers and websites, would mean people could use a single device or a single fingerprint to log into, well, almost everything.
But like the password-free attempts before it, WebAuthn still faces hurdles before it becomes something that impacts the masses. Some security and identity experts seem reluctant to claim that our password-free future has finally arrived. And a lot of WebAuthn’s success comes down to whether hugely popular websites like Amazon or Facebook will adopt this new standard.
Read entire article Our password-free future is near (but not really)