At this year's IT security-focused RSA Conference 2018, Google and Microsoft are planning to debut a challenging decades-old security method that could make everybody safer. Namely, the two companies plan to discuss their own new authentication methods and the need to drive FIDO2 encryption into the mainstream. The idea behind the technology, the concept of which has been around since the 1970's, is that it effectively uses randomized private signatures instead of passwords – which utilize shared keys. Users hold public and private keys which are used to generate those signatures so that they can't be used to re-access an account even if they are intercepted. No database of passwords needs to be stored and the signature is no longer valid following login. If pushed into the mainstream, the standard could signal the end of password-protected accounts entirely.
Google, for its part, has shown interest in the implementation of FIDO2 for quite some time. For the conference, the companies will be joined by the head of the FIDO Alliance executive director as a moderator. That may or may not be an indication of how important the debut is. At this point, however, it's impossible to say what the implications of the debut are. The search giant has said that it will focus on its own internal security measures which cover the range of the Google Cloud platform so many of its products are built on. One of the more obvious goals will be to discuss and spread awareness about the importance of robust security in the modern age. News reports have been filled to the brim with examples of failed security and breaches. Some of the companies efforts and those of Microsoft will undoubtedly center around the advantages of FIDO2. They could even reveal a collaborative effort to implement standardized encryption adhering to FIDO2 in their own products.
Whether or not FIDO2 finally catches a break at the event, now that the hardware environment can support it, remains to be seen. Regardless, the discussion should serve as a guide for gaining the improved security in the industry. That makes it a very important discussion as technology continues to become more of an intrinsic part of day-to-day life, especially with the advent of the IoT. In the meantime, the debut is scheduled to take place on April 20. So, at very least, there isn't much time left before everybody finds out what all of the fuss is about.