Microsoft is looking to Fido to help move beyond passwords. That’s the Fido Alliance, an industry organization that is attempting to standardize authentication protocols and make passwords less necessary. This week, the technology giant lent its weight to the effort by taking a seat on the organization’s board of directors.
An acronym of Fast Identity Online, the organization started in July of last year. Microsoft joins other major technology firms in the effort, including Google, PayPal, MasterCard, BlackBerry, LG and Lenovo.
The Fido Alliance says on its Web site that its key goals are to increase ease of use, privacy and security, and standardization. The organization is also attempting to foster innovation in creating authentication that goes beyond passwords, an innovation that it believes has been stymied because of the many proprietary clients and protocols currently required.
The organization said that by standardizing client and protocol layers, a “thriving ecosystem” could be created that utilizes biometrics, PINs and second-factors usable across devices and platforms.
The standardization Fido is interested in advancing utilizes standard public key cryptography, involving a public key that is registered with an online service at the initial setup. This is followed by a local authentication method, such as a secure PIN, biometric ID from face, voice or fingerprint, or a second-factor keychain device.
Under the Fido approach, any biometric or personally identifiable information stays on the local device and is not shared over a network. The alliance notes that such a standardized system could reduce the reliance on passwords, would be easier to use, and could increase security.
Laura DiDio, an analyst with industry research firm Information Technology Intelligence Corp., pointed out that two industry heavyweights have not joined the organization -- Apple and Samsung.
She said that, “if you go back 15 years, Microsoft got beaten up on the security front,” but that in the last dozen years or so it has “gotten serious and put a lot of R&D behind security,” as well as implemented “state-of-the-art encryption and Windows support for biometrics.” Earlier this year, the company also began to implement two-factor verification as an option for such Microsoft services as Xbox Live or Skype.
It’s not yet clear what Microsoft wants to accomplish through Fido, DiDio said, but it’s “a powerful alliance” that could result in the computing industry seriously moving beyond passwords “within two or three years.” In October, for instance, the Fido Alliance indicated that fingerprint readers using its standardization could start appearing on Android devices early next year.
Meanwhile, Lenovo and authentication researcher Nok Nok Labs announced Thursday that they have formed a partnership to create a joint solution to counter the reliance on passwords that are either too weak or too complex. The goal is to deliver a Fido-compatible solution, also in the early 2014 timeframe.
Posted: 2013-12-13 @ 5:15pm PT
use ssh keys. have been around for ages, are standard on all decent operating systems, can be somewhat supported on Windows too and are safe.