Some of the top password managers have teamed up with the FIDO Alliance to set new standards for secure password storage, even when switching between providers.
The new draft specifications were published by the Alliance’s Credential Provider Special Interest Group, which includes big names in the password and identity management game, including 1Password, Apple, Bitwarden, Dashlane, Enpass, Google, Microsoft, NordPass, Okta, Samsung and SK Telecom.
Passwords are a more secure and phishing-resistant alternative to passwords, and are widely expected to replace passwords entirely in the near future.
Improving safety, choice and competition
Access keys do not require you to enter a password, but instead use an authenticator app on a special device, such as your phone, to verify that the person trying to log in is actually you, usually through some form of biometrics.
According to statistics from the FIDO Alliance, passkey adoption has been very successful, with 12 billion online accounts currently using passkeys to log in. Additionally, password keys significantly reduce the risk of phishing and improve login speed by 75%.
The new specifications hope to ensure that users have a free choice between providers and are free to transfer their access keys and passwords between their choice of services. This is the first standard of its kind to be introduced in the credential management industry. You can view the draft specifications on the website FIDO Alliance Blog.
Currently, the specifications are in a community review and feedback phase, with regular updates being published publicly for review until the final specifications are approved and implemented.