Skip to main content

Smartphone to replace your password on the web in the nearest future

The World Wide Web Consortium (W3C) is working to eliminate the text-based password by using your phone as an authenticator.
Similar to the two-factor authentication we use today, the W3C password solution would work for any site, as its browser-based, not account-based.
This W3C password solution is already working with Mozilla Firefox, with more browsers on the way.

The death of the password is a topic that’s been in discussion for years now, but just yesterday I signed up for an account on a site and set up a text-based password. Clearly, as much as the tech world would love to eliminate passwords, they are still going strong.
The World Wide Web Consortium (W3C), the international standards organization for the web founded by Tim Berners-Lee, in conjunction with the FIDO Alliance, has an actual solution in the pipeline. In a recent recommendation, over a dozen members of W3C laid out a plan to use mobile devices as an authenticator for your web-based accounts.

You’re probably thinking, “Don’t we already do this?” Yes, we certainly use our phones for two-factor authentication (like when you receive a text message with a code to enter into a form) and also for hardware-coded authentication (when your phone notifies you that you’ve logged into Gmail from a new location). The difference with this recent W3C password proposal is that this would be browser-based, not account-based, so any site on the web could take advantage of the system.

Here’s how it works:

You visit a site on your phone and create a new account.
The phone prompts you, “Do you want to register this device with this site?” You agree to the registration.
Your phone asks you to authenticate your identity, using your fingerprint/PIN/pattern code. Your account is created.
Later, you visit the same site on your laptop and click “Sign In.”
You enter your username, but no password. Instead, your phone beeps.
You see a prompt along the lines of, “Do you want to sign in to” You affirm, and once again authenticate your identity using your fingerprint/PIN/pattern.
The web page on your laptop instantly logs you in. No password necessary.

This makes it seem more complicated than having a password, but it’s more secure by a considerable margin. It also makes it incredibly difficult for identity thieves to gain access to your accounts on multiple sites through the discovery of one single password.

You might be asking, “What if a thief steals my phone?” Hopefully, you have some sort of remote wipe set up on your device, so as soon as your phone gets stolen, you can disable it as an authenticator. If you don’t have this set up yet, you should take care of that ASAP.

Of course, this whole system only works if browsers adopt the technology. Luckily, Mozilla Firefox is already on board, with Google Chrome, Opera, and Microsoft Edge coming soon. Only Apple’s Safari is holding out so far.


Popular posts from this blog

How to Create Whats App Account with US +1 Country number (Latest 100% Working Method)

Xiaomi Mi 6X launches on April 27 with Snapdragon 660, dual cameras, AI features, and more

How to Add Related Posts widget to Blogger Using Linkwithin

Latest Airtel N100 for 2GB and N500 for 10GB Activation Process

How To Get 2000% Instant Bonus From Mtn, Valid For 3 Months

Learn how to earn $50 - $500 per referer

Google Chrome lets you Export your saved Logins as .csv to easily import into your favourite password manager