May 2022, Google unveils its plans to eliminate passwords. A plan to implement the FIDO standard is access to keys to unlock logins without the need to enter passwords. Apple announced something similar with Passkeys. These arrived on iOS 16.1 in January 2023. It is almost impossible to use them today.

We are still a long, long way from a scenario where the use of passwords is left behind. The two main people responsible for change put everything on their side: neither tech companies nor developers of apps and web pages.

suggested destinations: Get rid of passwords, a clear and direct plan. This offering is based on FIDO protocols, which are public cryptography-based keys with which authentication is performed by a client device on a web page or application. In other words and with a simple example: Login to a web page by unlocking our mobile with PIN, face or fingerprint.

Thus, it will be sufficient to keep our mobile phone next to the PC in order to be able to log in wherever we want without a password. It seems like a simple plan to implement. Proof that this isn’t the case is that big announcements started coming in last year. Using these technologies today is terrifying.

a solid foundation: We do not look at this scenario with a completely negative vision. The foundations of the building are a reality. Apple has already integrated the Passkeys system into macOS Monterey alongside iOS 16.1.

Chrome also has its own password system compatible with both macOS and Windows starting with Windows 10. Microsoft is also in the game: since 2021, it lets you use the Authenticator app to remove the password and sign in using biometrics.

The problem is implementation. The efforts of Google, Apple or Microsoft alone are not enough to move towards a passwordless future: it requires substantial support from web and app developers. Nowadays, it is quite difficult to find websites compatible with Passkeys.

In an ideal scenario, after opening any website or application with a registration function, we should see the heading Password: a warning that we can log in without a password using the biometrics of the PC or using the mobile phone as an identifying device. Really? We are far, far away from the vast majority of sites that implement this system.

“Passwords will continue to be a part of our lives during this transition period, so we will continue to focus on making traditional logins more secure.”

An uncertain transition period: Google has predicted that 2023 will be the year that support for these keys will be generally available. Technically it’s like this: Microsoft, Google and Apple have developed technologies to implement, but even they don’t push it.

Without going further, biometric-only login to the main Google services is still not possible to date (password still required). Apple doesn’t have an aggressive practice either, but has a reliance on biometric methods as alternative methods to the password (although it’s still mandatory to create a password in the first place). We have the technology, but the road to final implementation will be long.

Image | apple orb

on Xataka | 16 best password managers to protect and remember what you have