WebAuthn has become an official web standard for logins, the World Wide Web Consortium and the FIDO Alliance said Monday.
“It’s common knowledge that passwords have outlived their efficacy,” the organizations wrote in a press release. “Not only are stolen, weak or default passwords behind 81 percent of data breaches, they are a drain of time and resources.”
WebAuthn, short for Web Authentication, is a browser and platform standard for simpler and stronger authentication processes, according to W3C and the FIDO Alliance. It lets users log in to their online accounts using their preferred device, biometrics or FIDO security keys.
WebAuthn is already supported in Windows 10, Android, Google Chrome, Mozilla Firefox, Microsoft Edge and Apple Safari browsers. Now that it’s an official web standard, that should encourage wider adoption of WebAuthn instead of passwords.
Passwords are becoming less popular. Google in February said Android is FIDO2-certified, which means devices can use fingerprints and security keys for logging in to accounts instead of passwords. The change affects those running Android 7 and up, half of all Android users. That’s approximately a billion devices