Apple, Google, and Microsoft combine efforts toward passwordless logins

Daniel Sims

Daniel Sims

Posts: 1,386   +43
Staff
In context: Tech companies have been trying to get rid of passwords for years. Users often have too many passwords to keep track of, and alone they aren't very secure. This week, Apple, Google, and Microsoft have announced plans to strengthen their cooperation towards easy, passwordless logins between their platforms.

Google and Microsoft already support the FIDO Alliance in its effort to build a set of passwordless login protocols. Marking World Password Day, Apple has joined the cause too. All three tech giants have pledged to make logins simpler across all their devices and operating systems over the next year.

In 2019, Microsoft started using FIDO certification to expand the number of sites and services that used Windows Hello to sign in with PINs, fingerprints, and facial recognition. However, this only works for Windows. That same year, Google introduced the ability to use Android phones as physical two-factor authentication devices using FIDO.

The new plan will let users with Microsoft, Android, or Apple devices use FIDO passkeys to log in to websites and apps across operating systems and browsers without passwords. For example, a user will be able to log into a site on Google Chrome running on Windows by simply unlocking their iPhone. Users will also be able to effortlessly transfer their FIDO credentials for all their logins to new devices.

This movement promises logins that are not only easier but also more secure than passwords. The FIDO Alliance says its passkeys, using public key cryptography, are almost impossible to phish and remain solely on users' devices. Maybe then we'll stop seeing "123456" as the most common password year after year.

Permalink to story.

https://www.techspot.com/news/94480-apple-google-microsoft-combine-efforts-toward-passwordless-logins.html

 
I'm not entirely convinced they will be keeping this biometric data solely on the users device. This data will get to their servers (Apple, Microsoft, etc.) and eventually out to the internet. If this is optional and not forced, fine... up to the user, but if it is forced, then no thanks. Bad idea... If your password gets stolen, you change it. Don't be stupid and use the same one across multiple accounts, if you do then you pay for it and have to change it on all those accounts and risk forgetting/missing some. If your biometric data gets compromised, you can't change that, you're screwed.
 
  • Like
Reactions: TheBigFatClown, fps4ever, BadThad and 1 other person
MakeMSGreatAgain said:
I'm not entirely convinced they will be keeping this biometric data solely on the users device. This data will get to their servers (Apple, Microsoft, etc.) and eventually out to the internet. If this is optional and not forced, fine... up to the user, but if it is forced, then no thanks. Bad idea... If your password gets stolen, you change it. Don't be stupid and use the same one across multiple accounts, if you do then you pay for it and have to change it on all those accounts and risk forgetting/missing some. If your biometric data gets compromised, you can't change that, you're screwed.
Click to expand...
You will give up your biometric identity and you'll like it!
 
  • Like
Reactions: tjboston, Gastec, Random Commenter and 8 others
MakeMSGreatAgain said:
I'm not entirely convinced they will be keeping this biometric data solely on the users device. This data will get to their servers (Apple, Microsoft, etc.) and eventually out to the internet. If this is optional and not forced, fine... up to the user, but if it is forced, then no thanks. Bad idea... If your password gets stolen, you change it. Don't be stupid and use the same one across multiple accounts, if you do then you pay for it and have to change it on all those accounts and risk forgetting/missing some. If your biometric data gets compromised, you can't change that, you're screwed.
Click to expand...

This technology is a communistic dictator's wet dream. I have hundreds of passwords across hundreds of sites and I have no intention of giving them up in lieu of signing in with something Microsoft, Apple and Google have collaborated on.
 
  • Like
Reactions: VBKing, tjboston, Gastec and 1 other person
TheBigFatClown said:
This technology is a communistic dictator's wet dream. I have hundreds of passwords across hundreds of sites and I have no intention of giving them up in lieu of signing in with something Microsoft, Apple and Google have collaborated on.
Click to expand...

The problem is password reuse. If any one site gets breached, you have a users user/password/email combo. If they reused passwords (which many people do) you now have their email account. Now all you need to do is go to websites of importance (banks, paypal, etc.) and start spamming the "forgot my password" prompt.

The problem with the current system is you are only as secure as the weakest protected website.
 
gamerk2 said:
The problem is password reuse. If any one site gets breached, you have a users user/password/email combo. If they reused passwords (which many people do) you now have their email account. Now all you need to do is go to websites of importance (banks, paypal, etc.) and start spamming the "forgot my password" prompt.

The problem with the current system is you are only as secure as the weakest protected website.
Click to expand...
It only means people are dumb and lazy and corporations want to prey on their stupidity to have access to their accounts. If you can't even write a txt.doc with all your passwords and to make them different for every site, then maybe you deserve it.
 
MakeMSGreatAgain said:
I'm not entirely convinced they will be keeping this biometric data solely on the users device. This data will get to their servers (Apple, Microsoft, etc.) and eventually out to the internet. If this is optional and not forced, fine... up to the user, but if it is forced, then no thanks. Bad idea... If your password gets stolen, you change it. Don't be stupid and use the same one across multiple accounts, if you do then you pay for it and have to change it on all those accounts and risk forgetting/missing some. If your biometric data gets compromised, you can't change that, you're screwed.
Click to expand...

Yeah... that's not how it works..

You are using biometirc data to unlock the keys on your device same as many people do right now to unlock the phone etc. There is no direct correlation between your biometric data and the keys on your device.

This is kind of like using last pass or Microsoft Authenticator on your phone that is locked by your fingerprint. Your fingerprint is not the password, your finger print unlocks the software that is generating the key, that then signs you in to a secure website using the FIDO standard.

This is what the article is talking about!


 
  • Like
Reactions: fb020997
"For example, a user will be able to log into a site on Google Chrome running on Windows by simply unlocking their iPhone". So now I have to buy an iPhone to log on TechSpot to post a comment about the bs that Corporate Commander tries to shove down my throat?
 
Gastec said:
I hate it. It's worse than spyware.
Click to expand...
Everything spies on you.
Your phone constantly pings towers, app devs sell your data to third parties that can be obtained by government and law enforcement agencies without warrant or notification, your car spies on you, your tv, your map app, your browser, your vpn....
 
Aranarth said:
Yeah... that's not how it works..

You are using biometirc data to unlock the keys on your device same as many people do right now to unlock the phone etc. There is no direct correlation between your biometric data and the keys on your device.
Theinsanegamer said:
You will give up your biometric identity and you'll like it!
Click to expand...
Not only that, you will also pay for it and feel excited for doing it!
Click to expand...
 
Gastec said:
"For example, a user will be able to log into a site on Google Chrome running on Windows by simply unlocking their iPhone". So now I have to buy an iPhone to log on TechSpot to post a comment about the bs that Corporate Commander tries to shove down my throat?
Click to expand...
This is an OPEN STANDARD, works on all kinds phones, iOS, Android, and yes also windows and mac if they have a fingerprint reader.


OIC!!!

So those of you complaining didn't read the article, or couldn't understand it and this is just a knee-jerk reaction.

Gotcha!
 
Last edited:
  • Like
Reactions: hahahanoobs
Aranarth said:
OIC!!!

So those of you complaining didn't read the article, or couldn't understand it and this is just a knee-jerk reaction.

Gotcha!
Click to expand...
That, and conspiracies get the reactions they want. It's a circle that can't be broken. They hate something until enough people give it the okay to like it.
 
emmzo said:
It only means people are dumb and lazy and corporations want to prey on their stupidity to have access to their accounts. If you can't even write a txt.doc with all your passwords and to make them different for every site, then maybe you deserve it.
Click to expand...
Because an unencrypted text document is so much safer.

Passwords are stupid, and always have been.
 
Aranarth said:
Yeah... that's not how it works..
Click to expand...
Yeah, I KNOW that. I'm basically saying that it is only a matter of time before they start to store our biometric data on their servers in the "cloud", claiming it's needed for some service or feature to work. Even still, there is always the possibility the biometric data on YOUR device could be compromised. Nothing is truly safe these days once your info is in the matrix.
 
  • Like
Reactions: tjboston
What's stupid is how many sites require passwords and logins at all for things that shouldn't. That's why so many of us reuse passwords, because there shouldn't even BE passwords to... what... browse prices at a simple shopping site, say, or view public fb or insta postings.
 
tjboston said:
What's stupid is how many sites require passwords and logins at all for things that shouldn't. That's why so many of us reuse passwords, because there shouldn't even BE passwords to... what... browse prices at a simple shopping site, say, or view public fb or insta postings.
Click to expand...
I agree
 
Gastec said:
"For example, a user will be able to log into a site on Google Chrome running on Windows by simply unlocking their iPhone". So now I have to buy an iPhone to log on TechSpot to post a comment about the bs that Corporate Commander tries to shove down my throat?
Click to expand...
Oh yes because you totally don't have a phone.

No, not just iPhones will work, on Windows, in Chrome. It was an example. To show how the tech from the 3 companies (MS, Apple, Google) work together seamlessly. The very sentence started with "FOR EXAMPLE". Do you know what these words mean?
 
I mean the idea is great, the implementation, not so much.

I already have passwordless enabled for my MS account, but to this day, Edge on the Xbox wants me to set up some kind of "code", basically an app password. Which kinda defeats the whole purpose.
 
You must log in or register to reply here.

Similar threads

Daniel Sims
Windows 11 preview adds biometric logins for apps and websites
Replies
0
Views
360
Daniel Sims
Daniel Sims
Daniel Sims
Microsoft confirms standalone Office 2024 is coming to Windows and Mac later this year
Replies
15
Views
362
Gezzer
G
TS Dealmaster
  • Locked
Microsoft Office deal is down to $49 for a lifetime license
Replies
0
Views
3K
TS Dealmaster
TS Dealmaster

Latest posts

Back