WebAuthn is a new way of logging into websites that may finally free you from remembering passwords. Instead, you’ll use you: your fingerprint or face, or a hardware token.
The WebAuthn API is now an official standard, ratified by the World Wide Web Consortium (or W3C) on Monday. Fortunately, it’s already been built into many popular browsers as well as Windows 10. Now it’s up to the web itself to incorporate it. Here’s how it will work.
What makes WebAuthn better?
You may have heard of the Collections data breaches: millions of usernames and passwords, some linked to one another, and published to the web. In part, that’s because websites currently ask you to log in and store a username and password within the site itself. If that data leaks publicly, then bad actors can use that information to see whether you’ve used the passwords elsewhere. That can lead to a cascade effect, where hackers gain access to more and more of your personal information.
Source:: IT news – Security