The World Wide Web Consortium (W3C) today declared that the Web Authentication API (WebAuthn) is now an official web standard. First announced by the W3C and the FIDO Alliance in November 2015, WebAuthn is now an open standard for password-free logins on the web. It is supported by W3C contributors, including Airbnb, Alibaba, Apple, Google, IBM, Intel, Microsoft, Mozilla, PayPal, SoftBank, Tencent, and Yubico.
The specification lets users log into online accounts using biometrics, mobile devices, and/or FIDO security keys. WebAuthn is supported by Android and Windows 10. On the browser side, Google Chrome, Mozilla Firefox, and Microsoft Edge all added support last year. Apple has supported WebAuthn in preview versions of Safari since December.
Killing the password
“Now is the time for web services and businesses to adopt WebAuthn to move beyond vulnerable passwords and help web users improve the security of their online experiences,” W3C CEO Jeff Jaffe said in a statement. “W3C’s Recommendation establishes web-wide interoperability guidance, setting consistent expectations for web users and the sites they visit. W3C is working to implement this best practice on its own site.”
Although the W3C hasn’t adopted its own creation yet, WebAuthn is already implemented on sites such as Dropbox,…
Latest posts by Peter Bordes (see all)
- How to Watch Game of Thrones Online - April 21, 2019
- After an Easter terror attack, Sri Lanka cut access to social media - April 21, 2019
- A Blazing Hot Coal Seam Shows How Microbes Can Spring to Life - April 21, 2019
More from Around the Web