A pair of authentication standards published this week have received endorsement from Mozilla, Microsoft and Google: the WebAuthn API, and the FIDO Alliance’s Client-to-Authenticator Protocol. The aim of WebAuthn and CTAP is to offer an authentication primitive that doesn’t rely on server-stored passwords, since a user’s fingerprint or even their unlock pattern is safer for both user and Web site owner.
ORIGINAL SOURCE: The Register