Google is paving the way for a world of no passwords on Android 7.0+ devices
Your fingerprint could soon replace all your online passwords
Even if you don't use one of the world's most popular passwords (popularity being a bad thing in this particular case), keeping your data secure across the web can be a major hassle. The best passwords are lengthy, unique to every single app or service requiring login credentials, and composed of as many different (and ideally, random) alphanumeric characters as possible.
It's also a good idea to change your passwords from time to time to stay protected from increasingly sophisticated hacking methods, but then how are you supposed to remember or store that much delicate information without compromising your entire security setup? Well, soon enough, you may not have to do any heavy lifting of that sort on your Android phone, as FIDO2 certification is added to the market-leading mobile OS for devices running version 7.0 and up.
This essentially means alternative authentication options can now be offered by web and app developers with minimal effort. Just picture a world where you can access your private data and log into all kinds of apps and websites using your fingerprint or device unlock pattern instead of a complicated, vulnerable password. That's the dream Google and the FIDO Alliance are trying to turn into a reality, although Android app developers will still need to adhere to FIDO2 protocols.
That can be done through a "simple API call", but we might have to wait a while until the technology is widely adopted. When the time finally comes to ditch your passwords, Google and the FIDO Alliance are promising "strong cryptographic security that is transparent to the user", protecting against "phishing, man-in-the-middle and attacks using stolen credentials."
While you can easily guess why a website authentication system based on fingerprint recognition, cameras, and/or various local security keys won't be 100 percent infallible, its advantages are likely to outweigh certain inherent flaws. Technically, all Android 7.0+ devices are now FIDO2 certified either out of the box or after an "automated" Google Play Services update.
In case you're wondering, this FIDO Alliance you may not have heard much about until just now is a 2012-created industry consortium aiming to "remedy the problems users face with creating and remembering multiple usernames and passwords." This Android-adopted solution to that age-old predicament has already been implemented in Google Chrome, Microsoft Edge, and Mozilla Firefox browsers, with Apple's Safari currently offering "preview support."