This article was published on March 5, 2019

Web apps will soon let you log in with hardware keys and fingerprints


Web apps will soon let you log in with hardware keys and fingerprints

Good news for security nerds (and the rest of us, really): WebAuthn (short for Web Authentication), a standard for authenticating your identity on the internet, has now been ushered in as an official standard by the World Wide Web Consortium and the FIDO Alliance. That means you’ll soon be able to use hardware devices, like USB security keys and biometric scanners, to securely log into web apps and services.

It also means you won’t need to remember passwords to access your accounts (though you should already be using a password manager to help with that).

The WebAuthn standard is already supported by popular browsers like Chrome, Firefox, Safari, and Microsoft Edge. All that’s left is for websites to adopt the API, and allow users the option to log in via WebAuthn-supported hardware.

It’s worth noting that Google already offers a similar option to log into its services using a hardware key; you’ll need to purchase two of them to sign up for it (one of them serves as a backup), and it’ll set you back by roughly $35-$45 for a set. These keys simply require you to plug them into your desktop’s USB port or connect to your system via Bluetooth. Some options also provide an additional layer of security by requiring you to authenticate yourself with a fingerprint.

A YubiKey offers additional layers of security by authenticating you with a hardware key, as well as your fingerprint
Credit: Yubico
A YubiKey offers additional layers of security by authenticating you with a hardware key, as well as your fingerprint

The <3 of EU tech

The latest rumblings from the EU tech scene, a story from our wise ol' founder Boris, and some questionable AI art. It's free, every week, in your inbox. Sign up now!

Once this system of authenticating via secure hardware goes mainstream, people will have far less of a reason to re-use their old passwords. That should make them less prone to identity theft through data breaches of major online services, since hackers are known to try out the same username-password combination across several web apps to gain access to them.

Hopefully, we’ll see our favorite services adopt WebAuthn right quick, and hardware keys become more widely and cheaply available, so we can stop worrying about passwords and breaches quite as much as we do now.

TNW Conference 2019 is coming! Check out our glorious new location, inspiring line-up of speakers and activities, and how to be a part of this annual tech extravaganza by clicking here.

Get the TNW newsletter

Get the most important tech news in your inbox each week.

Also tagged with