There’s no doubt that passwords are an absolute security nightmare. Creating and managing them is annoying, so people often reuse them or choose easily guessable logins—or both. Hackers are more than happy to take advantage. By contrast, passwordless logins authenticate with attributes that are innate and harder to steal, like biometrics. No one’s going to guess your thumbprint.
You likely already use some version of this when you unlock your phone, say, with a scan of your face or your finger rather than a passcode. Those mechanisms work locally on your phone and don’t require that companies store a big trove of user passwords—or your sensitive biometric details—on a server to check logins. You can also now use stand-alone physical tokens in certain cases to log in wirelessly and without a password. The idea is that, eventually, you’ll be able to do that for pretty much everything.
Read 15 remaining paragraphs | Comments