- Google to replace passwords as a method of verifying identity online.
- The common denominator is FIDO2 authentication in both cases.
- Google in the FIDO Alliance and the W3C.
Google is going to replace passwords as a method of verifying identity online for Android users. They announced.
According to the post by Google Security Blog, Dongjing He, a Google software engineer, and Christian Brand, a Google product manager, explain that “new security technologies are surpassing passwords in terms of both strength and convenience.” This blog was posted on August 12. And adding to their statement, they said “ happy to announce that you can verify your identity by using your fingerprint or screen lock instead of a password when visiting certain Google services.”
At this point, only one thing can be told. Consider it a flagging of the intent to move to a password-less future, in much the same way that Microsoft has signaled an intention to replace Windows 10 passwords for 800 million users. The common denominator is FIDO2 authentication in both cases.
FIDO Alliance stands for Fast Identity Online, which is an industry body on a mission to solve the problem of passwords. It solves through the use of open standards that enable logins backed by strong cryptographic security. One of the changes that Google is making come “as a result of years of collaboration between Google and many other organizations in the FIDO Alliance and the W3C,” the announcement stated. Whereas, W3C is the World Wide Consortium.
And it recently approved a standard for a web authentication application programming interface (API) called WebAuthn, after three years of talking and testing.
For the first time, Google has enabled the same biometric credentials, your fingerprint, which is to be used by both native Android apps and web services. Register your fingerprint once on your smartphone, and then use it for both securely accessing your apps and web services. Which makes it something of a big deal for the future.
Google Password Manager
Though, it is limited to just the Google Password Manager service just for now. There is no indication as to when you will be able to use your fingerprint, or PIN, to access Gmail for example.
And the move to a password-less future for accessing Google services has already actually started. According to the announcement, the change is an immediate one. But, there is a caveat: the rollout starts with Pixel Android devices only but will become available to “all Android 7+ devices over the next few days.”
Peter Kivuti tweeted hours ago, “Google has announced that it is to start replacing passwords as a method of verifying identity online for Android users. Are you ready for a password-less Google?”
GroupSenseCyber tweeted an hour ago, “#Google quietly announced that it will soon allow #Android users to access certain Google services through fingerprint ID’s and screen locks.”