Firefox 60 was released a few weeks ago and now comes with support for the upcoming Web Authentication (WebAuthn) standard.
Other major web browsers weren’t far behind. Yesterday, the release of Google Chrome 67 also included support for the Web Authentication standard.
I’m excited about it because it can make the web both easier and safer to use.
Supporting for the Web Authentication standard will make the web easier, because it is a big step towards eliminating passwords on the web. Instead of having to manage passwords, we’ll be able to use web-based fingerprints, facial authentication, voice recognition, a smartphone, or hardware security keys like the YubiKey.
It will also make the web safer, because U2F will help reduce or even prevent phishing, man-in-the-middle attacks, and credential theft. If you are interested in learning more about the security benefits of the Web Authentication standard, I recommend reading Adam Langley’s excellent analysis.
When I have a bit more time for side projects, I’d like to buy a YubiKey 4C to see how it fits in my daily workflow, in addition to what it would look like to add Web Authentication support to Drupal and https://dri.es.