Earlier this year, Apple joined thethe Fast Identity Online (FIDO) alliance to support passwordless authentication. Now, we’re seeing the first big announcement related to this development: the upcoming Safari 14 will support passwordless authentication. Apple made this announcement at a recent session during its developer conference WWDC.
What does it mean for you? You can sign into websites on Safari using your iPhone’s Face ID or Touch ID. Additionally, you can use hardware security keys that support FIDO standards for authentication as well. One example is Yubikey, which offers dual-connector authenticator with lightning and USB-C support.
Apple already allows you to sign into apps using Face ID and Touch ID though keychain. Now, it’s also extending this support for websites in Safari 14, which will be available with iOS 14 and macOS 11.0 later this year. The company started testing support USB-based keys in Safari in 2018. However, the full support for hardware keys will roll out later this year.
Web authentication standard used with iPhones provides multi-factor authentication. First, with the secure enclave of your iPhone, and second, with Touch ID or Face ID biometrics. This way, authentication’s scope is limited is just to the website, and chances of a Phishing attack are low.
Other browsers and companies already support this authentication standard. Last year, Google rolled out support for passwordless login for Chrome for Android using biometric authentication; the supporting tech was based on FIDO2 standards. Windows Hello also got such certification last year. Mozilla Firefox and Microsoft’s Edge support password-free authentication as well.
You can learn about Apple’s web authentication standard support here.