Microsoft Wants To Get Rid of Passwords, Joins Group

The FIDO Alliance, short for Fast IDentity Online, announced that Microsoft has joined as a member of the Board of Directors.

The FIDO Alliance is an industry group launched in July 2012 that's attempting to set industry-wide open standards to reduce the need for passwords. Microsoft joins Google, BlackBerry, Lenovo, MasterCard, LG Electronics and many other industry leaders in making FIDO specifications the global standard for post password authentication.

"Open FIDO specifications will support a full range of authentication technologies for operating systems, including biometrics such as fingerprint and iris scanners, voice and facial recognition, as well as existing solutions and communications standards, such as Trusted Platform Modules (TPM), USB Security Tokens, embedded Secure Elements (eSE), Smart Cards, Bluetooth Low Energy (BLE), and Near Field Communication (NFC)," reads the press release (PDF).

Username and password combinations underpin most online services. Unfortunately, they can be easy to intercept, thus security experts have warned for years that passwords can't protect user data if they're easy to guess or if the user provides the same one across multiple accounts. However, providing biometric or personal information to a website will not be required when using FIDO authentication.

As the IDG News Service points out, password replacement technology will need to be both simple and effective. The group envisions an installed software client that uses public key cryptography to authenticate users. Initially, the group will focus on securing access through Web browsers to Web applications. The group will then turn their attention to Android, Windows tablets and Apple devices.

"The open specifications are being designed to be extensible and to accommodate future innovation, as well as protect existing investments. FIDO specifications allow the interaction of technologies within a single infrastructure, enabling security options to be tailored to the distinct needs of each user and organization," the release adds.

The FIDO Alliance plans to submit its specification to groups dedicated to Web standards including the World Wide Web Consortium (W3C).

Create a new thread in the US News comments forum about this subject
This thread is closed for comments
31 comments
    Your comment
    Top Comments
  • NSA Inside.
    13
  • I hope by eradicating username/passwords, they don't increase the rate of online identity theft.
    12
  • Other Comments
  • Microsoft can well you know where it can be placed I am turning to Ubuntu and Winows 7
    all that metro garbidge to much is reliant to having to be conected online I did my 50gb quota all because of installing winows 8.1 and then installing my games that all had to be updated online which didnt work because of 32bit 64bit and brouser compatibility for constant online conection
    -10
  • I hope by eradicating username/passwords, they don't increase the rate of online identity theft.
    12
  • NSA Inside.
    13