The World Wide Web Consortium (W3C), the standards body for Web development, has announced that it is creating a new Web Authentication Working Group. The group's goal will be to create a standard for strong authentication that doesn't require a password.
“Every other week you see news of a password leak or data leak from another major site, and as a user of the Web, every place you go you are asked to log in with a username and password,” said Wendy Seltzer, technology and society domain lead for the W3C. “That is difficult to manage on the user side, and not the best we can do in security.”
Tim Berners-Lee, director of the W3C, added, “When strong authentication is easy to deploy, we make the Web safer for daily use, personal and commercial. With the scope and frequency of attacks increasing, it is imperative for W3C to develop new standards and best practices for increased security on the Web.”