February 17th, 2016
W3C Announced today the launch of the Web Authentication Working Group whose goal is to develop standards using strong cryptographic operations in place of password exchange. This approach offers a more secure and flexible alternative to password-based log-ins on the Web, often seen as being annoying to use and offering weak protection.
“When strong authentication is easy to deploy, we make the Web safer for daily use, personal and commercial,” said Sir Tim Berners-Lee, Web Inventor and W3C Director. “With the scope and frequency of attacks increasing, it is imperative for W3C to develop new standards and best practices for increased security on the Web.”
The W3C’s Web Authentication technical work is being accelerated thanks to a W3C member submission of FIDO 2.0 Web APIs from members of the FIDO Alliance. The submitted APIs are intended to ensure standards-based strong authentication across all Web browsers and related Web platform infrastructure.
The new Web Authentication Working Group’s first meeting will take place 4 March 2016 in San Francisco, conveniently timed for people who are also attending the RSA USA Conference. For more information about the Web Authentication Working Group, see the press release.