From CNET: With Mozilla's release of Firefox 60 on Wednesday, web browsers will start letting you log into websites without a password -- an important change in authentication technology that could help curtail costly phishing attacks.
Firefox 60 supports technology called Web Authentication, or WebAuthn for short, that can be used to grant you access to websites with a physical authentication device like a YubiKey dongle, biometric identity proof using an Android phone's fingerprint reader or iPhone's Face ID, and some other alternatives to passwords.
Passwords are a particular problem on the web. Fake websites can coax you to type in credentials that then can be used to steal money from your bank account snoop your email -- a problem called phishing. Even if you pick hard-to-guess passwords, never reuse them on multiple sites and always remember them, passwords still aren't that strong a foundation for security these days. We're still a long way away from a post-password future, but WebAuthn is an important step if nothing else in making sites more secure.
"It might be that, in a few years time, a significant number of people have a passwordless experience with at least one site that they use regularly. That'll be exciting," Google security expert Adam Langley said in a March blog post.
View: Article @ Source Site
