The dangers of FIDO’s passwordless approach

The Fast Identity Online (FIDO) Alliance is aiming to remove the use of passwords to gain access to online accounts. The group includes tech giants like Microsoft, Apple and Google, and intends to go passwordless – instead using PINs, biometrics, and phone identification techniques. But this approach could be flawed. Julia O’Toole, Founder and CEO of MyCena Security Solutions, highlights the misguided nature of FIDO’s approach. “In the physical world, the difference in applications is straightforward. Your identity is used to identify yourself…it just validates that you are who you say you are.” She adds, “By contrast, your front door doesn’t recognise your identity; instead, you use your keys to unlock access.” By mixing the two and using a single point of access, FIDO’s approach could mean a user losing all of their accesses at once and being open to easy theft.