一些全球人氣最高的網(wǎng)頁瀏覽器正努力弄死密碼。

制定互聯(lián)網(wǎng)標(biāo)準(zhǔn)的組織FIDO聯(lián)盟和W3C聯(lián)合推出了一個(gè)新的認(rèn)證標(biāo)準(zhǔn)，允許網(wǎng)頁瀏覽器和網(wǎng)站支持以生物辨識技術(shù)替代登陸密碼。這項(xiàng)名為WebAuthn的標(biāo)準(zhǔn)其實(shí)是一種應(yīng)用程序接口（API），網(wǎng)頁開發(fā)者可以應(yīng)用在網(wǎng)站上，通過指紋識別、甚至像蘋果Face ID一樣的面部掃描技術(shù)確認(rèn)用戶的身份。

據(jù)美國科技媒體Engadget稍早報(bào)道，火狐瀏覽器已經(jīng)在配合WebAuthn，谷歌的Chrome和微軟的Edge都將在未來幾個(gè)月調(diào)整適配WebAuthn。運(yùn)營Safari瀏覽器的蘋果公司尚未宣布支持WebAuthn。

從技術(shù)角度看，WebAuthn問世可能提升互聯(lián)網(wǎng)的安全性。多年來，黑客攻擊、網(wǎng)絡(luò)詐騙和數(shù)據(jù)泄密層出不窮，僅憑密碼保護(hù)數(shù)據(jù)安全已經(jīng)不夠。互聯(lián)網(wǎng)企業(yè)轉(zhuǎn)而采用二元認(rèn)證。這種方式要求用戶除了提供密碼，還要輸入發(fā)送到智能手機(jī)上的驗(yàn)證碼確認(rèn)身份，但還是沒有生物識別方式安全。

去年9月，蘋果發(fā)布新款iPhone，當(dāng)時(shí)詳細(xì)介紹了生物識別安全技術(shù)。蘋果表示，如果使用iPhone的Touch ID指紋掃描技術(shù)，每5萬次識別之中可能會(huì)失敗一次。而如果采用Face ID掃描面部，失敗比例會(huì)下降到百萬分之一。兩種方式不管選哪種，都比單單一個(gè)密碼要強(qiáng)。

不過，短期內(nèi)密碼不會(huì)很快消失。雖然WebAuthn已經(jīng)正式發(fā)布，但還只是一種“推薦”方式，可能要經(jīng)過調(diào)整才能成為行業(yè)標(biāo)準(zhǔn)。無論如何，新推薦方式為網(wǎng)站和瀏覽器替換現(xiàn)有密碼奠定了基礎(chǔ)?，F(xiàn)在就看網(wǎng)站經(jīng)營者和瀏覽器公司如何擔(dān)負(fù)責(zé)任全力支持了。（財(cái)富中文網(wǎng)）

譯者：Pessy

審校：夏林

Some of the most popular Web browsers are trying to kill your passwords.

Internet standards organizations the FIDO Alliance and W3C have launched a new specification that allows Web browsers and websites to support biometric encryption methods in place of passwords. The specification, called WebAuthn, is an application programming interface (API) that Web developers can integrate into their websites and allow fingerprint readers and even face scanners like Apple’s Face ID to verify a person’s identity.

According to Engadget, which earlier reported on WebAuthn, Firefox already works with the technology. Google’s Chrome and Microsoft Edge are slated to add support for WebAuthn within the next few months. Apple, which operates its Safari browser, has yet to announce support for WebAuthn.

The move could technically create a more secure Internet. As the rash of hacks, scams, and data breaches have shown over the last several years, passwords alone are not necessarily a suitable safeguard for data. Companies have moved to two-factor authentication, which requires users to input a code sent to their smartphones in addition to a password to verify their authenticity, but that still isn’t as secure as biometrics.

At its iPhone unveiling in September last year, Apple talked in detail about biometric security. The company said that its Touch ID fingerprint scanner could be duped in 1 in 50,000 cases. That jumped to 1 in 1 million cases with its Face ID face scanner. Either way, that’s better than a simple password.

Still, passwords aren’t dying anytime soon. While WebAuthn has officially launched, it’s still considered a “recommendation” and could be modified before it becomes a standard. The recommendation paves the way for websites and browsers to support alternatives to passwords, but now the onus is on website owners and browser companies to support it.