The web authentication standard eliminates the need for users to remember passwords without giving up security. This is a huge help, as strong passwords are otherwise necessary to secure every account that we have. Let’s see what this new standard means and what comes with it.
What is web authentication?
First of all, we should mention that it arose out of necessity. The username-password combination was the only way to access online accounts, and users really hate it.
It is even more annoying because reusing the same password for multiple accounts is a security risk. The necessary complexity of passwords has also increased, as hackers have improved their ways of breaking into accounts.
If attackers manage to hack one account, they have access to all the others that use the same password.
Of course, there are password managers, which seem to have simplified the process and eliminated headaches for users. But the fact that they are themselves protected by passwords, called master passwords, makes them vulnerable.
Multi-factor authentication also arrived as a new way of protecting online accounts. It adds further verification factors besides passwords.
The issue is that not many users take advantage of this additional security level. So, the companies that are part of the World Wide Web Consortium came up with a new standard: WebAuthn.
This option eliminates passwords and brings in biometric data instead. We can now use fingerprints or facial recognition to log into our accounts. This makes it possible to eliminate phishing attacks.
How does it work?
This security standard works in every browser. Websites can check their users’ identities at log-in. To do this, they call the Web Authentication Application Programming Interface (API) in the browser.
The only thing users need to do is confirm their identities, and they can do this without the data leaving their devices. The browser then uses the public key procedure to send the confirmation to the web service. Website developers use JavaScript for this.
To make this authentication method even stronger, service providers can also add multi-factor authentication.
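The public-key confirmation described above, seen from the web service side, as an added example that is not part of the original article. It is Node.js code in which `simulateAssertion` is a constructed stand-in for the authenticator and browser, and every name, origin and key is an assumption; it shows which server-side checks reject a look-alike site, a replayed response, a copied key and a modified message.

```javascript
// Added example: all function names, origins and sample values are constructed.
const crypto = require('node:crypto');
const sha256 = (buf) => crypto.createHash('sha256').update(buf).digest();
const fail = (reason) => ({ ok: false, reason });

// Constructed stand-in for the authenticator and browser (not real WebAuthn API output).
function simulateAssertion(privateKey, { challenge, origin, rpId, signCount }) {
  const clientDataJSON = Buffer.from(JSON.stringify(
    { type: 'webauthn.get', challenge: challenge.toString('base64url'), origin }));
  const counter = Buffer.alloc(4);
  counter.writeUInt32BE(signCount);
  // authenticatorData = SHA-256(rpId) || flags (0x05 = user present + verified) || signCount
  const authData = Buffer.concat([sha256(rpId), Buffer.from([0x05]), counter]);
  const signed = Buffer.concat([authData, sha256(clientDataJSON)]);
  return { clientDataJSON, authData, signature: crypto.sign('sha256', signed, privateKey) };
}

// Web service side: verify the assertion against what the server issued and stored.
function verifyAssertion({ clientDataJSON, authData, signature }, expected) {
  const client = JSON.parse(clientDataJSON.toString('utf8'));
  if (client.type !== 'webauthn.get') return fail('wrong type');
  const challenge = Buffer.from(String(client.challenge), 'base64url');
  if (!challenge.equals(expected.challenge)) return fail('challenge mismatch');
  if (client.origin !== expected.origin) return fail('origin mismatch');
  if (!authData.subarray(0, 32).equals(sha256(expected.rpId))) return fail('rpId mismatch');
  if ((authData[32] & 0x01) === 0) return fail('user not present');
  const signCount = authData.readUInt32BE(33);
  if ((signCount || expected.storedSignCount) && signCount <= expected.storedSignCount)
    return fail('counter did not increase');
  const signed = Buffer.concat([authData, sha256(clientDataJSON)]);
  if (!crypto.verify('sha256', signed, expected.publicKey, signature)) return fail('bad signature');
  return { ok: true, reason: 'verified', signCount };
}

function demo() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });
  const expected = { challenge: crypto.randomBytes(32), origin: 'https://login.example',
    rpId: 'login.example', storedSignCount: 7, publicKey };
  const make = (over) => simulateAssertion(privateKey, { ...expected, signCount: 8, ...over });
  const tampered = make({});
  tampered.authData[36] ^= 0xff; // alter the counter after signing
  return {
    good: verifyAssertion(make({}), expected),
    lookalike: verifyAssertion(make({ origin: 'https://login.example.evil.test' }), expected),
    replayed: verifyAssertion(make({ challenge: crypto.randomBytes(32) }), expected),
    cloned: verifyAssertion(make({ signCount: 7 }), expected),
    tampered: verifyAssertion(tampered, expected),
  };
}
console.log(demo());
```

The private key never appears on the server side: `verifyAssertion` only needs the public key stored at registration, the challenge it issued, and the last counter value it saw.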
So, the main advantages of the new standard are:
- Prevents password phishing
- Eliminates ways to pass the system by accident
- Excludes the possible occurrence of man-in-the-middle attacks
- More secure and faster than multi-factor authentication, as not even one-time passwords are involved in the process
The main drawback appears when a user needs to register a new authenticator for an existing account. The process is pretty difficult.
Now you know all you need about this standard and can decide on the safest way for you to authenticate.