It is a frustration experienced the world over, but now the era of forgetting your password could be over, as tech giants supported plans to replace them with facial recognition and fingerprints.
Apple, Google and Microsoft have announced a joint effort to put a new security standard in place, allowing people to sign in to websites and apps using a smartphone device.
The new form of authentication has been designed to make the web more “secure and usable” amid concern that users recycling the same password is one of the biggest security risks in the digital world.
Under the plans, passwords will be ditched in favour of a method similar to unlocking a smartphone, by using a fingerprint, facial recognition scan or entering a PIN.
Crucially, the new system would allow people to use their smartphone to sign in on another device even if they run on the operating systems of rival companies.
The three tech giants are among scores of firms supporting the passwordless standard being developed by industry bodies the Fido Alliance and the World Wide Web Consortium.
Quells security fears
It comes in response to long-held fears about the security implications of people being forced to remember a wide range of username and password combinations to log in to different services, which often led to passwords being reused across multiple accounts.
If hackers get hold of that password, they can log into multiple websites and carry out crimes such as stealing personal data, committing identity theft and making fraudulent money transfers.
The Fido Alliance said in a statement: “Password-only authentication is one of the biggest security problems on the web, and managing so many passwords is cumbersome for consumers.”
Apple, Google and Microsoft said they hoped to start making these capabilities available across their platforms over the coming year.
Customers will, however, still be given the option to use a password if they prefer.
Google said in a statement: “Even if you lose your phone, your passkeys will securely sync to your new phone from cloud backup, allowing you to pick up right where your old device left off.”
Companies have been slow to replace passwords
Andrew Shikiar, the director of the Fido Alliance, said that the technical capability to replace passwords has existed for some time, but large companies have been slow to roll it out for general use.
The Telegraph understands that Gmail and YouTube will not be implementing the passwordless login features until technical groundwork has been laid to the extent that any website, anywhere in the world, can use the passwordless standard.
Apple said the announcement was a continuation of work it began last year to enable FaceID technology as a means of logging into websites from iPhones.
Alex Simons, the corporate vice president of identity at Microsoft, said methods of replacing passwords “must be safer, easier, and faster than the passwords and legacy multi-factor authentication methods used today” and said the company would continue working on non-password-based login methods for its services.
Cybersecurity experts on Thursday called for the public and businesses to “drop passwords altogether” to better protect personal data.
Grahame Williams, the identity and access management director at defence firm Thales, said passwords were “becoming increasingly insecure” and “easily hacked”, adding that the industry needed to move on to newer technologies in order to boost security.
