The W3C has announced that the Web Authentication (WebAuthn) specification is now an official Web standard. WebAuthn allows users to login into various accounts with more security than a standalone password. Security is increased through the use of mobile devices, biometrics, or FIDO security keys.
"Now is the time for Web services and businesses to adopt WebAuthn to move beyond vulnerable passwords and help Web users improve the security of their online experiences," Jeff Jaffe, W3C CEO, commented in a press release. "W3C's Recommendation establishes Web-wide interoperability guidance, setting consistent expectations for Web users and the sites they visit. W3C is working to implement this best practice on its own site."
The specification is already supported on Windows 10, Android, Google Chrome, Firefox, Microsoft Edge and Apple Safari. WebAuthn certainly adds security above the outdated password method of login, but it also offers advantages over multi-factor authentication (which continue to leave users vulnerable to phishing attacks).