Sign in with
Sign up | Sign in

Microsoft Wants To Get Rid of Passwords, Joins Group

By - Source: Tom's Hardware US | B 32 comments

Microsoft has joined a group that wants to eliminate passwords.

The FIDO Alliance, short for Fast IDentity Online, announced that Microsoft has joined as a member of the Board of Directors.

The FIDO Alliance is an industry group launched in July 2012 that's attempting to set industry-wide open standards to reduce the need for passwords. Microsoft joins Google, BlackBerry, Lenovo, MasterCard, LG Electronics and many other industry leaders in making FIDO specifications the global standard for post password authentication.

"Open FIDO specifications will support a full range of authentication technologies for operating systems, including biometrics such as fingerprint and iris scanners, voice and facial recognition, as well as existing solutions and communications standards, such as Trusted Platform Modules (TPM), USB Security Tokens, embedded Secure Elements (eSE), Smart Cards, Bluetooth Low Energy (BLE), and Near Field Communication (NFC)," reads the press release (PDF).

Username and password combinations underpin most online services. Unfortunately, they can be easy to intercept, thus security experts have warned for years that passwords can't protect user data if they're easy to guess or if the user provides the same one across multiple accounts. However, providing biometric or personal information to a website will not be required when using FIDO authentication.

As the IDG News Service points out, password replacement technology will need to be both simple and effective. The group envisions an installed software client that uses public key cryptography to authenticate users. Initially, the group will focus on securing access through Web browsers to Web applications. The group will then turn their attention to Android, Windows tablets and Apple devices.

"The open specifications are being designed to be extensible and to accommodate future innovation, as well as protect existing investments. FIDO specifications allow the interaction of technologies within a single infrastructure, enabling security options to be tailored to the distinct needs of each user and organization," the release adds.

The FIDO Alliance plans to submit its specification to groups dedicated to Web standards including the World Wide Web Consortium (W3C).

Add your comment Display 32 Comments.
Top Comments
  • 13 Hide
    SonSon1 , December 25, 2013 2:56 PM
    NSA Inside.
  • 12 Hide
    JOSHSKORN , December 25, 2013 2:05 PM
    I hope by eradicating username/passwords, they don't increase the rate of online identity theft.
Other Comments
  • 12 Hide
    JOSHSKORN , December 25, 2013 2:05 PM
    I hope by eradicating username/passwords, they don't increase the rate of online identity theft.
  • 13 Hide
    SonSon1 , December 25, 2013 2:56 PM
    NSA Inside.
  • -1 Hide
    sykozis , December 25, 2013 3:27 PM
    Fail....
  • -5 Hide
    deadmeow , December 25, 2013 4:32 PM
    Government and corporations love you! Please pay your taxes so they can make more bombs and kill more people. Because they love you.
  • 8 Hide
    fleeb , December 25, 2013 4:33 PM
    Why does the comments section paint a picture of MS failing or focus to how their OS sucks. This simply joined an already existing alliance by Google, BlackBerry, MasterCard, LG, etc.
  • -9 Hide
    Dogsnake , December 25, 2013 7:38 PM
    Near Field holds great promise. At birth a unique coded chip could be inserted under the skin of every individual. The for their entire life they could have secure authentication for everything. Once code you would need only to stand close to your car, front door or whatever to unlock. Multiple chips in various body parts could be used to interface with chips in other people for direct and personal communications. Oh the brave new world holds such wonders and possibilities.
  • 1 Hide
    Darkk , December 25, 2013 8:36 PM
    Bad idea of getting us chipped. What if somebody skims your chipped ID since it would be based on RF technology. Then what? I am favor the idea of getting rid of passwords but it has to be easy and secure to use. Remember dozens or so passwords is a PITA so currently I use a password manager to keep track of em all which is encrypted with a master password. Works well in the computer world but what about everywhere else?

    Gotta be a standard or nobody will use it.
  • -1 Hide
    Geef , December 25, 2013 8:45 PM
    At least they are joining a group to try to figure out how they can get rid of passwords. No matter what they do someone will always think its a bad idea. I'm sure they will come up with something that works and becomes a standard.
    Maybe it can be a standard like USB except its named FIDO 1.0 or 2.0 and so on.
  • 6 Hide
    digiex , December 25, 2013 9:10 PM
    I prefer dick pattern identification, it also give your true sex at the same time, so that guys will not pretend to be girls when online.
  • 1 Hide
    digiex , December 25, 2013 9:15 PM
    Insert your dick (if male) for identification...Lol,

    Why can I "like" my own post?
  • 1 Hide
    JOSHSKORN , December 25, 2013 10:42 PM
    Quote:
    I prefer dick pattern identification, it also give your true sex at the same time, so that guys will not pretend to be girls when online.


    Quote:
    Insert your dick (if male) for identification...Lol,

    Why can I "like" my own post?


    Nice...and Skype is possibly going 3D. Your computer is your new gloryhole. Who will be the first to admit their Mini-ATX case has enough headway for validation against someone who has an ATX Super Tower?

  • -2 Hide
    knowom , December 25, 2013 10:48 PM
    DNA is the best password it holds the key to everything ;) 
  • -1 Hide
    genz , December 25, 2013 10:51 PM
    Replace it all with a private/public asymmetrical key system. Give us means to implant it onto a body part of our choosing using a method that requires physical contact (not just proximity) and give us means to change it in the same way we change our passwords when they become compromised, and I might actually start listening... but for now, hell no. I do not want to have to go and see a surgeon if and when someone steals my credit card in the post.
  • 6 Hide
    back_by_demand , December 26, 2013 1:12 AM
    Doesn't matter what method of authentication is used, it all gets converted to binary and stored. So DNA, dick shape, retina, or "Password123" will always be able to be copied and sent to whoever is on the other end of the internet asking for authentication.
  • 5 Hide
    viliu24 , December 26, 2013 1:29 AM
    who cares what form of authentication is used, since history told us that for each law applied there will be a way to avoid it. The biggest problem is why do they need OUR personal details like retina, finger prints, dna or whatever is strictly bound to us. Is always said "we wont use it for "x" reason , is just for your security" .I would never trust to give those details to anyone , and certainly i would not accept to be chiped like a cow.Now sounds promising all these technology that are safer and easier to use but in time there is a huge chance that you wont have a private identity.I strongly belive that for now, the safer way to encrypt your personal data is a password that is wisely choosed. Like some said earlier , all form of authentication are digitally stored, so any of these at some point they can be cracked, so again , why the need of my fingerprint , retina scan .......
  • 3 Hide
    phatboe , December 26, 2013 3:08 AM
    This has FIDO alliance has NSA/FBI written all over it.
  • 1 Hide
    de5_Roy , December 26, 2013 4:19 AM
    i read the header as "nsa wants to get rid of passwords, build a new front with drones". my bad.
  • -2 Hide
    Jgriff , December 26, 2013 5:25 AM
    Yessss I'm tired of typing in and remembering damn passwords. One feature I really like about my 5s is the fingerprint lock, there's no guessing, you HAVE to be me to get into my phone.
  • 0 Hide
    Jgriff , December 26, 2013 5:29 AM
    Yessss I'm tired of typing in and remembering damn passwords. One feature I really like about my 5s is the fingerprint lock, there's no guessing, you HAVE to be me to get into my phone.
Display more comments
React To This Article