The industry organization FIDO Alliance has published a proposal with a new set of specifications to facilitate the export of access keys between different providers. It is an essential feature to support its use.

Passwords are inconvenient to use and insecure if not managed properly. But boy, there’s no way to get rid of them… Or is there but there is still time for mass adoption of alternatives. Access keys (access keys) offers a more secure and convenient alternative to passwords, allowing you to use personal identification numbers (PINs) or biometric authentication such as fingerprints or facial recognition to log in to websites and apps.

More devices to use Passkeys

The FIDO Alliance is working to create access keys and other credentials easier to export between different providers, improving interoperability between the Credential Providers Special Interest Group (SIG), which includes the key industry players that govern them: 1Password, Apple, Bitwarden, Dashlane, Enpass, Google, Microsoft, NordPass, Okta, Samsung and SK Telecom.

This secure credential exchange It’s a top priority, the organization acknowledges, because it can help accelerate passcode adoption and improve the user experience. Access keys are basically locked in the operating system or password management service, making them impossible to transfer when changing platforms, thus requiring users to create new access keys for each device.

The proposed new specification aims to address this gap with the Credential Exchange Protocol (CXP) and the Credential Exchange Format (CXF). “They define a standard format for securely transferring credentials in a credential manager, including passwords, access keys, and more, to another provider by default.”they explain.

At the time of announcing the new FIDO protocol, Amazon shared this more than 175 million of its clients they enabled access keys on their accounts almost a year after they first launched.

Access codes must be insisted upon significantly reduces the risk of data leakageas they provide protection against phishing attacks, prevent theft and unauthorized access. They work with unique codes linked to specific devices, which is a big advantage because unlike passwords, which are stored on servers (and therefore can be hacked or intercepted), access keys are stored locally on devices. Use them whenever they are available!