In the coming months, Chrome and other major web browsers will get support for a new way to sign in to websites, one that does not require a password.
The new standard targets to drive users away from current password-based systems, which leave users exposed to phishing attacks and other forms of stolen logon credential abuse.
Announced in a press release on April 10 by the FIDO Alliance (Fast IDentity Online) the World Wide Web Consortium (W3C), the new Web Authentication standard (WebAuthn) will allow users to move to the logins biometrics or verification using a USB security key.
The statement states that "Google, Microsoft and Mozilla have committed to the WebAuthn standard in their flagship browsers and have begun implementation for Windows, Mac, Linux, Chrome OS and Android platforms." WebAuthn is currently in the Candidate Release stage, awaiting the approval of W3C.
MORE: the security of your router stinks: how to repair it
A development status page for WebAuthn in Chrome shows that it is scheduled to be enabled by default in version 67, two main releases from the current version 65. The standard is already compatible with Firefox, and Edge will get support in the coming months, according to The Verge.
The login through USB security keys is already widely compatible with products like the Yubikey by major websites like Facebook, Google and Bank of America.
"While there are many web security problems and we can not fix them all, trusting passwords is one of the weakest links," said W3C CEO Jeff Jaffe. "With the multi-factorial solutions of WebAuthn, we are eliminating this weak link"
Image credit: Tahuna2001 / Shutterstock
Chrome browser tips