source : Snow leopard finance and Economics (ID:xuebaocaijingshe) author : Hanxing   edit : Zhang Han

Total market value exceeds 5.39 Trillions of dollars of global technology giants , Rarely let go of prejudices 、 Make a ball , Aim the gun at the virtual gatekeeper of human digital life —— password .

stay 5 month 5 On the world code day , Apple 、 Microsoft 、 Google jointly promises , The next year will be in all the movements they control 、 Establish support for password less login on desktop and browser platforms , To create a more secure personal information and Internet environment .

This is a joint action that cannot be underestimated . Apple accounts for 60% of the high-end smartphone market , The Android system developed by Google covers 70% Global users , Microsoft is the unstoppable overlord in the field of computer operating system .

The big three work together ,“ Kill ” Password victory is in sight ?

01 A rare united front

No password is more secure than a password , It sounds a bit counter common sense . But for many people , The concept of no password is not new .

stay PC Log in to wechat , It is a simple and intuitive scenario without password : stay PC After the endpoint opens wechat , The mobile phone receives a confirmation message , Then login through mobile authentication . Fingerprint unlocking, which is often used in life 、 Face scanning payment, etc , It can also be classified as non cryptographic technology .

in fact , Users who are used to automatic login and mobile phone authentication login , I'm afraid not many people still remember their wechat passwords . under these circumstances , Is it necessary for passwords to exist ?

Before ordinary users realize this problem , Apple 、 Microsoft 、 Google has been exploring for years to build a password free world .

At the recent Apple global developer conference (WWDC 2022) On , Apple announced a project called “Passkeys” New technology . When users need to use a website or application ,iPhone Will receive a request , The user can directly pass the fingerprint or face ID stay iPhone Authentication on , To log in directly .

picture source :WWDC Release conference

The process is not complicated , And there are two benefits : First, there is no need to remember the password , Second, the whole process is in one part iPhone You can finish it . It means , Any private information of the user will not be stored and disclosed by the third-party network server , Safety greatly improved .

Just like Apple's vice president of Internet technology Darin Adler said ,Passkeys Will not be stolen , Because it will never leave your device .

Before Apple , Microsoft and Google have also been in the field of no password for many years .

As early as 2017 year , Microsoft tried to use Microsoft Authenticator Let users log in to Microsoft account without secret .2018 year , Microsoft has upgraded this feature and applied it to Edge The browser and Windows 10 On the system . According to Microsoft official data , By 2020 year 5 month , Monthly 1.5 Million users are logging in without password .

2021 year , Microsoft announced that from that year 9 month 15 The date of , Users can completely delete their Microsoft account passwords , And choose to use Microsoft Authenticator application 、Windows Hello、 Authenticate the login device by means of security key .

Google is in 2019 Annual announcement , stay Android 7.0 And above , You can call fingerprint or facial recognition to log in to some supported websites .

stay “ Kill ” In the matter of passwords , The big three have reached a rare consensus .iOS And Android、Windows And MacOS, This time, we will not fight for market share , But to realize interconnection .

2013 year 、2015 Years and 2020 year , Google 、 Microsoft 、 Apple has joined FIDO union .FIDO(Fast Identity Online) The alliance is the online fast authentication alliance , It's a family PayPal、 Lenovo and other enterprises in 2012 year 7 The non-profit industry association established in May , At present, the membership has been expanded to 300 More than , These include ARM、 Apple 、 samsung 、 Amazon 、 Alibaba 、 Huawei 、Netflix And other famous enterprises , And the standard setting institutions and academic groups of governments .

Their common enemy , Has played an important role in the history of the Internet , But it also brings great troubles and security risks to human beings .

02 The world has been suffering for a long time

From boot password 、 Email password login password to various websites , Passwords have penetrated almost every corner of life . Remember all kinds of complicated passwords , It has become a big challenge that people have to face . A study by Oxford University and MasterCard found that , One third of online shopping stops , Because the user forgot the password .

Password management software Nordpass The security password advice given is , At least 12 digit , Contains upper and lower case letters 、 Numbers and special symbols , And every time 90 Change it at least once a day .

Meet the above password security recommendations , And do not reuse the password , It is undoubtedly a burden for ordinary users .

in fact , Most people don't care about password security .

According to Microsoft 2016 Annual data , about 20% Of Internet users are using duplicate passwords , in addition 27% Of users use passwords that are almost identical to those of other accounts . To 2018 year , There are still a large number of Internet users who prefer weak passwords , Not a secure password .

Nordpass released 2021 The list of the most commonly used passwords in shows ,“123456” More than 1.03 100 million times , It takes less than a second to crack . According to the FIDO Official website data ,80% The data leakage of is caused by the password , As many as 51% Your password has been reused , The average labor cost of resetting a password is 70 dollar .

picture source :Nordpass Website

On the one hand, most passwords are useless , On the other hand, the security flaw of the password itself is far greater than people think .

According to Reuters ,2020 year 6 month , World famous network security organization Awake Security A public report issued that , Google's browser Chrome There are serious loopholes , The personal data of tens of millions of users have been stolen by hackers . Statistics , The malicious daemon was at least downloaded 3200 Ten thousand times , It means 3200 The passwords of million users may have been stolen by hackers .

2014 year 9 month , Apple iCloud Hacked , Cause password disclosure , about 200 The private photos of celebrities spread on the Internet .

2018 year , Thanks to Apple online mall and mobile insurance company Asurion There are loopholes in the website , about 7200 ten thousand T-Mobile The password of the operator user has been compromised .

The increasingly serious password security problem not only brings risks to individuals and enterprises , It may even threaten national security .

According to the information released by China Network Security Review Technology and Certification Center , come from AntiSec The assailants of the organization have reported to the military contractors of the U.S. government Booz Allen Hamilton The attack , And publish 9 Million U.S. military e-mail addresses and passwords , Including the United States central command 、 Special operations command 、 Marine Corps 、 Air force and homeland security account passwords .

The world has been suffering for a long time . In the face of endless password security accidents and hidden dangers , Apple 、 Microsoft 、 Google urgently needs to be more secure 、 More efficient crypto free technology to the front stage .

2022 year ,FIDO The technological innovation of the alliance has accelerated this process .

stay 5 month 5 On the world code day , The big three jointly announced the expansion of support for the common password free login standard ,  It is expected to solve the pain point of cross platform certification in the next year .

The difference from the past is , this FIDO Two new breakthroughs have been made in cross platform operation . One is to allow users to access multiple devices 、 Including automatic access on new devices FIDO Login certificate , Instead of having to re register each account ; The second is to allow users to use on mobile devices FIDO authentication , To log in through a nearby device App And websites , No matter which operating system platform these devices run or which browser they use .

After a month , Apple took the lead in WWDC Handed in the first answer sheet .Passkeys Not only support the apple family barrel iPhone、iPad、Mac、Apple TV Inter bay equipment certification , At the same time, users can also use iPhone Unlock FIDO Other non Apple products in the Alliance .

but “ Kill ” password , It's not that easy .

03 “ Kill ” Passwords are not easy

In the last century 40 years , To break the German Code , Britain has developed a large-scale electronic computing device, corossas (Colossus), This is the first programmable computer in human history . Computers were born by cracking passwords , And then gave birth to the Internet .

80 After year , The technology giants born under the Internet want to “ Kill ” password , Create a more convenient 、 A more secure world without passwords . This is an extremely difficult task .

A password older than a computer , It has already penetrated into every corner of life .“ Kill ” password , It's not just technology upgrades , It is also a change of living habits , And it's not easy . just as FIDO The executive director of the alliance 、CMO Andrew Shikiar said :“ The first thing almost all users need to do is to set the password , What we need to do is break the habit .”

2020 year ,Windows 10 The number of active users has broken through for the first time 10 Billion . And then 5 In June, Microsoft announced that the number of users who log in without password every month is 1.5 Billion , Only about 15%. here , From Microsoft at Windows 10 It has been nearly two years since password free login was promoted on .

In addition to the fact that user habits are difficult to change in a short time , Another high wall across the front of the big three is : To achieve password free login , First of all, have a smart phone .

According to the Strategy Analytics Statistics , By 2021 year , Global presence 39.5 Billion people use smart phones , The penetration rate is about 50%. Besides , Not all smartphones can run password free technology . Apple's upcoming Passkeys You need to update iOS 16 Version to use , and iPhone SE 2016、iPhone 7 The previous old mobile phones are not available iOS 16 Update .

It means , If we promote password free login all over the world , At least half of the people will not be able to use .

Besides , although FIDO The alliance has made progress in cross platform applications , But cross platform key transfer is still a big pain point . Simply speaking , Although Apple phones can be used in FIDO Unlock non Apple products under the framework , But when users change to Android phones , The keys stored on the terminal also need to be transferred in batches .

Foreign media focusing on apple news 9to5Mac Express ,FIDO The solutions currently available , It is not possible to batch transfer keys between different ecosystems . If you want to go from Android Switch to iPhone( vice versa ), Users will not be able to move all keys . by comparison , Passwords are easier to transfer .

Just like Apple's vice president of Internet technology Darin stay WWDC As described above , The transformation from password is a journey . In this journey , Not just apples 、 Google 、 Microsoft , It also requires the participation of enterprises and users all over the world .

2022 The wheel of the year's history is particularly noisy ,iPod、IE browser 、 China proper Kindle Has been ruthlessly run over . Now , The password also saw the dust rising in the distance . Just this time , Technology giant “ Three British battles Lv Bu ”, The password is far from the white gate tower .