Google is paving the way for a world of no passwords on Android 7.0+ devices

Google is paving the way for a world of no passwords on Android 7.0+ devices
Your fingerprint could soon replace all your online passwords

Even if you don't use one of the world's most popular passwords (popularity being a bad thing in this particular case), keeping your data secure across the web can be a major hassle. The best passwords are lengthy, unique to every single app or service requiring login credentials, and composed of as many different (and ideally, random) alphanumeric characters as possible. 

It's also a good idea to change your passwords from time to time to stay protected from increasingly sophisticated hacking methods, but then how are you supposed to remember or store that much delicate information without compromising your entire security setup? Well, soon enough, you may not have to do any heavy lifting of that sort on your Android phone, as FIDO2 certification is added to the market-leading mobile OS for devices running version 7.0 and up.

This essentially means alternative authentication options can now be offered by web and app developers with minimal effort. Just picture a world where you can access your private data and log into all kinds of apps and websites using your fingerprint or device unlock pattern instead of a complicated, vulnerable password. That's the dream Google and the FIDO Alliance are trying to turn into a reality, although Android app developers will still need to adhere to FIDO2 protocols.

That can be done through a "simple API call", but we might have to wait a while until the technology is widely adopted. When the time finally comes to ditch your passwords, Google and the FIDO Alliance are promising "strong cryptographic security that is transparent to the user", protecting against "phishing, man-in-the-middle and attacks using stolen credentials."

While you can easily guess why a website authentication system based on fingerprint recognition, cameras, and/or various local security keys won't be 100 percent infallible, its advantages are likely to outweigh certain inherent flaws. Technically, all Android 7.0+ devices are now FIDO2 certified either out of the box or after an "automated" Google Play Services update.

In case you're wondering, this FIDO Alliance you may not have heard much about until just now is a 2012-created industry consortium aiming to "remedy the problems users face with creating and remembering multiple usernames and passwords." This Android-adopted solution to that age-old predicament has already been implemented in Google Chrome, Microsoft Edge, and Mozilla Firefox browsers, with Apple's Safari currently offering "preview support."

FEATURED VIDEO

8 Comments

1. androiduser

Posts: 504; Member since: Jun 18, 2014

Amazing

3. blingblingthing

Posts: 890; Member since: Oct 23, 2012

Streamlined innovation. A step in the right direction.

2. Leo_MC

Posts: 6638; Member since: Dec 02, 2011

Android users will love this. In Apple ecosystem this has been long time solved through iCloud keychain.

4. midan

Posts: 2578; Member since: Oct 09, 2017

"Just picture a world where you can access your private data and log into all kinds of apps and websites using your fingerprint or device unlock pattern instead of a complicated, vulnerable password." And picture it even further. Don't touch anywhere and let the device do the magic for you, that's face ID.

5. koioz

Posts: 132; Member since: Nov 29, 2018

Chinese phones like iphone, oneplus, xiaomi and huawei has face id. Am I correct?

7. Leo_MC

Posts: 6638; Member since: Dec 02, 2011

You're incorrect: only Apple has Face ID, the others have a face recognition system that allows them to authenticate. The difference is in the level of security.

6. Gruuuvy

Posts: 1; Member since: Feb 25, 2019

Unfortunately, if you own a phone with Esim and your credentials are kept on the device and the device is lost then you'll not only need a new phone but a new phone number..... But I welcome FIDO2 for my Google phone...

8. Leo_MC

Posts: 6638; Member since: Dec 02, 2011

If you save your credentials in the cloud or you keep your phone backed up (also in the cloud or on an external storage), you can always restore your esim data.

Latest Stories

This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at https://www.parsintl.com/phonearena or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit https://www.parsintl.com/ for samples and additional information.