Tim Hardwick
The FIDO Alliance is developing new specifications to ensure secure transmission of passwords across different password managers and platforms. The initiative, announced Monday, is a collaboration between members of the FIDO Alliance Credential Provider Special Interest Group, including Apple, Google, Microsoft, 1Password, Bitwarden, Dashlane and others.
Passwords are an industry standard developed by the FIDO Alliance and the World Wide Web Consortium, and integrated into the Apple ecosystem with iOS 16, iPadOS 16.1, and macOS Ventura. They offer a more secure and convenient alternative to traditional passwords, allowing users to sign in to apps and websites the same way they unlock their devices: with a fingerprint, face scan, or passcode. Passkeys are also resistant to online attacks like phishing, making them more secure than things like SMS one-time codes.
The draft specifications, called the Credential Exchange Protocol (CXP) and Credential Exchange Format (CXF), standardize the secure transfer of credentials between different providers. This removes the current limitation of passkeys often being tied to specific ecosystems or password managers.
For Apple users, the development could significantly improve the usefulness of passkeys on their devices and services. Once implemented, users will be able to securely move their passkeys between Apple's built-in password management system and third-party password managers, as well as to non-Apple platforms. It's worth noting that the new specifications are currently open for community review and feedback, so it may be some time before we see them implemented, and the specifications may change in the meantime.
Tag: Passwords[ 26 comments ]
