Web authentication API, also known as WebAuthn, has been declared official by the World Wide Web Consortium. They’ve now launched a stable version that can be implemented by websites without fear of major changes in the future.
This standard is already supported in browsers like Google Chrome, Firefox, Safari and is also natively supported in Android 9.0 Pie. Hence, there will be no need to get new devices or software to get WebAuthn compliancy.
WebAuthn is the W3C’s step towards making the web password free. This API lets the users sign into their respective accounts using fingerprint verification (if the website supports it), mobile devices that are either nearby via Bluetooth or by sending code on your phone, or a FIDO security key that is basically a USB key.
Web Authentication allows the users to register to a respective website using an authenticator which can be any of the above-mentioned authenticators.
One would think that the implementation of WebAuthn will bring security problems, but it is actually the opposite. WebAuthn is a step towards a better and more secure internet future.
This model bypasses the risks of phishing and passwords theft that are common with today’s standards. User security and privacy will be maintained with the help of WebAuth implementation.
The fact that WebAuth has now been declared official does not mean that the passwords will be completely eliminated but this certainly means that the internet will be much safer.
We might see more and more websites start using this standard now that it’s official.