Google has released its Chrome 67 desktop browser, featuring support for the WebAuthn API designed to lessen our reliance on typed usernames and passwords.
Chrome 67 for Windows, Mac and Linux will enable users to register and sign-in using biometric information gleaned from an accompanying smartphone, or a USB key.
On sites supporting the standard, desktop users will receive a prompt on their smartphone after choosing to create an account. From there users be asked to use their fingerprint, retina, facial recognition from a tool like Face ID or even a photo from their library. This process can be repeated whenever users attempt to sign into the website after registration.
Related: Best web browser
The tool, which is already supported by Firefox 60, also allows access via physical authentication devices like the YubiKey USB dongle.
While there’s still a long way to go before this tech is mainstream it is thought the WebAuthn tech could play a major role in limiting password and identify theft, while cracking down on the effectiveness of online phishing attacks.
External authenticator
The tech has been developed by the FIDO Alliance and the World Wide Web Consortium (W3C), who wrote in a joint press release last month: “Enterprises and online service providers looking to protect themselves and their customers from the risks associated with passwords — including phishing, man-in-the-middle attacks and the abuse of stolen credentials — can soon deploy standards-based strong authentication that works through the browser or via an external authenticator.”
When Mozilla rolled out Firefox 60 last month it extolled the virtues of WebAuthn. It wrote: “It supports various authenticators, such as physical security keys today, and in the future mobile phones, or biometric mechanisms such as face recognition or fingerprints. When your YubiKey is plugged in, the website will read it and automatically log you into your accounts.”
Elsewhere, Chrome 67 includes the Generic Sensor API, which allows web apps to communicate with sensors in VR headsets and other wearable devices like fitness trackers (via Chrome Releases). So, in the case of VR headsets, web apps will be able to pick up the turn of a head and react accordingly.
Are you too heavily reliant on passwords? Drop us a line @TrustedReviews on Twitter.
Editorial independence
Editorial independence means being able to give an unbiased verdict about a product or company, with the avoidance of conflicts of interest. To ensure this is possible, every member of the editorial staff follows a clear code of conduct.
Professional conduct
We also expect our journalists to follow clear ethical standards in their work. Our staff members must strive for honesty and accuracy in everything they do. We follow the IPSO Editors’ code of practice to underpin these standards.
Editorial independence
Editorial independence means being able to give an unbiased verdict about a product or company, with the avoidance of conflicts of interest. To ensure this is possible, every member of the editorial staff follows a clear code of conduct.
Professional conduct
We also expect our journalists to follow clear ethical standards in their work. Our staff members must strive for honesty and accuracy in everything they do. We follow the IPSO Editors’ code of practice to underpin these standards.
