Back in the good old days things were a lot simpler. You didn’t have to worry about packet capturing or password extracting, and as a result a lot of the original protocols like HTTP, FTP and POP3 didn’t worry about sending your passwords over the wire in plain text. But in today's increasingly sophisticated API-driven world this isn't enough.
Recent investigations show how users can be authenticated via web without using passwords. It’s called WebAuthn or Web Authentication that uses a Web API in a browser. Clients can be verified with their phones, hardware keys, or trusted devices. In his article, Nick Steele explains the new standards
Today at Google I/O 2019, the company’s annual developer conference, CEO Sundar Pichai proclaimed that Google is working to “build a more helpful Google for everyone.” In addition to new features that increase accessibility, the company also addressed key concerns over data privacy.