Webauthn will save users from familiar passwords
Soon, users will get rid of old passwords and join the new safe standard. Webauthn was developed for two years and now received the support of popular browsers.
What is known
The technology received support in the latest Firefox update and will soon get to Chrome. Edge will make friends with Webauthn in a couple of months. Apple has not yet announced support for Safari, but helped to develop a new standard. The system is already working with Google and Facebook services, where the Yubikey marker built into the FIDO standard is used to enter the entrance.
How it works
Webauthn allows you to record and authentication using a phone, hardware safety key or TPM device (Trusted Platform Module). The user provides the application with biometric data and uses Webauthn to replace classic passwords. In addition to verification, the “user’s presence” is confirmed. If you have a U2F token, for example Yubikey, the second authentication factor passes through the API Webauthn.
FIDO standard is built on proof with zero knowledge. There is not a single line of characters that guarantees access to the account, which complicates the usual phishing-atak.