Soon users will get rid of old passwords and join a new safe standard. WebAuthn was developed for two years and now has the support of popular browsers.
What is known
The technology was supported in the latest update to Firefox and will soon reach Chrome. Edge will make friends with WebAuthn in a couple of months. Apple has not yet announced support for Safari, but helped to develop a new standard. The system already works with Google and Facebook services, where the Yubikey marker built into the FIDO standard is used for logging in.
How it works
WebAuthn allows you to register and authenticate using a phone, a security dongle or a TPM (Trusted Platform Module). The user provides the application with biometric data and uses WebAuthn to replace the classic passwords. In addition to verification, the "user presence" is confirmed. If you have a U2F token, for example Yubikey, the second authentication factor passes through the WebAuthn API.
The FIDO standard is built on proof with zero knowledge. There is not a single character string that guarantees access to the account, which makes it difficult for a typical phishing attack.