Apple wants to reject passwords. How?

Apple хочет полностью отказаться от паролей. Каким образом?

Many are now saying that in terms of technology, passwords have become obsolete. They were good in the days when we had to have a few passwords, but in the current reality you need a password for everything from email and social networks up to applications that transmit data from the devices and a trivial ordering pizza. Especially annoying to enter passwords on iOS devices when you have to switch the on-screen keyboard between letters, numerals and symbols several times to enter just one password. Surprisingly, Apple seems to share this point of view.

Recently, the tech giant officially joined the Fido Alliance is an organization that wants to achieve getting rid of passwords. First information appeared in the form of rumors, at the next conference Fido appeared the Apple logo with the words “new Board member”. Now, however, the Corporation added?? on the official website of the organization as a member of the Board of Directors, along with such tech companies as Amazon, Arm, Facebook, Google, Intel, Microsoft and Samsung. Members of the Board of Directors are also a number of large financial companies, including American Express, ING, Mastercard, Paypal, Visa and Wells Fargo.

Why would Apple need this? The company is actively developing third-party authentication methods. Biometric authentication such as Face ID and Touch ID is a good alternative, as managers of passwords (iCloud keychain), but many of the passwords users have to enter manually. In particular, therefore, in iOS 13 now has a “Sign in with Apple”, which allows you not to produce multiple passwords.

Passwords become a headache for those who use the same password for almost every website, application and services. This means that as soon as any of the services gets compromised, all other logins of the user are compromised. Usually hackers are looking for credentials on poorly protected websites, and then check them for authenticity.

How can you refuse passwords

Offer Fido is that trusted devices have in the future to replace passwords. This will work the same way as two-factor authentication (2FA) using Apple devices. When you try to log on to your new Apple device with your Apple ID, the company sends the code to a trusted device, and you enter this code.

For the Apple system and it’s an extra step to increase security, but the Fido Alliance wants a similar approach was used to replace passwords, and you would not have to enter them every time.

For example, if you try to log on to a web site on your iPhone, you enter only your user name, and then sends an authentication request to one of your other registered devices – for example on the Apple Watch. You can just click a button on the watch to log. Similarly, when you access the service on your Mac, you will be able to approve the log on his iPhone and so forth.

It may sound doubtful, in fact, this approach is safe. Only one of your trusted devices to request authentication, and only one trusted device can verify the request. An attacker who wants to impersonate you need to access immediately for both gadgets (and passwords!). For example, they need your iPhone and password as well as your Mac and password.

Although the Apple ecosystem is limited to its own devices, the Alliance wants all manufacturers have joined the movement. So you will be able to log on an Android smartphone, Android tablet, Chromebook, Windows PC or any other trusted device. Another Board member, Fido, Nok Nok Labs, already offers an SDK for the Apple Watch.

We still have much work to do before we finally give up the passwords. And it is unlikely this process will be quick, but with Apple it should accelerate markedly.