Passwords that are stolen, re-used or insecure are still a big problem and a top issue the technology industry has to address.
Sandro Gianella, Google Germany’s public policy manager, states that we need to move away from passwords, and this is an issue the whole industry can support to move things forward.
But in light of many failed attempts by companies to get rid of passwords, an increasing number of large companies are joining FIDO (Fast Identity Online) Alliance, the panel told the ISSE 2015 security conference in Berlin.
The alliance introduced a government membership program in June 2015, with the US and UK governments being one of the first to join.
The Fido Alliance looks to get rid of the world’s dependency on password-based security through interoperable and open authentication standards, and has launched a certification programme that guarantees the interoperability of Fido-compliant services and products.
Chief executive of MTRIX in Germany, Malte Kahrs, stated that there are already many huge implementations and early adopters include Samsung, Paypal, Github, DropBox and Google. He added that one of the main drivers for Paypal was to free itself from supplier lock-in because utilizing an open standard means it is viable to move to other cooperative suppliers without changing anything.
Gianella stated that due to the Fido specification being publicly available; it can be executed by any organization, including non-members of the alliance such as DropBox.
Michael Kranawetter, Microsoft Germany’s head of information security, said that the long-term aim is to allow a single, secure means of logging in to all online services.
He added that users are searching for an easier way to access all their services that is usable in several environments, and Fido supplies that while improving security simultaneously, but they require the whole tech industry to align with Fido.
Bernd Kowalski from Germany’s federal office of information security stated that Fido is a step in the right direction.
Security has been inclined to focus on technology, but Fido centres on usability first. In truth, there is nothing new in Fido. This could have been executed ten years ago, but they at long last have the chance to enable a universal token.
There are many benefits to using the Fido standards. Panel moderator Kahrs, in closing, said that Fido represents an unequalled industry movement, and he encouraged all online service and technology providers to take a look and learn about how Fido could improve usability, potentially provide a market differentiator and increase security.