Google is paving the way for a world of no passwords on Android 7.0+ devices
5

Your fingerprint could soon replace all your online passwords
It's also a good idea to change your passwords from time to time to stay protected from increasingly sophisticated hacking methods, but then how are you supposed to remember or store that much delicate information without compromising your entire security setup? Well, soon enough, you may not have to do any heavy lifting of that sort on your Android phone, as FIDO2 certification is added to the market-leading mobile OS for devices running version 7.0 and up.
This essentially means alternative authentication options can now be offered by web and app developers with minimal effort. Just picture a world where you can access your private data and log into all kinds of apps and websites using your fingerprint or device unlock pattern instead of a complicated, vulnerable password. That's the dream Google and the FIDO Alliance are trying to turn into a reality, although Android app developers will still need to adhere to FIDO2 protocols.
That can be done through a "simple API call", but we might have to wait a while until the technology is widely adopted. When the time finally comes to ditch your passwords, Google and the FIDO Alliance are promising "strong cryptographic security that is transparent to the user", protecting against "phishing, man-in-the-middle and attacks using stolen credentials."
While you can easily guess why a website authentication system based on fingerprint recognition, cameras, and/or various local security keys won't be 100 percent infallible, its advantages are likely to outweigh certain inherent flaws. Technically, all Android 7.0+ devices are now FIDO2 certified either out of the box or after an "automated" Google Play Services update.
Things that are NOT allowed: