The World Wide Web Consortium (W3C) has announced a new standards effort in Web Authentication that aims to create a more secure and flexible alternative to password-based log-ins.The W3C work is based on the member submission of FIDO 2.0 Web APIs from the FIDO Alliance, as it believes these will enable the use of strong cryptographic operations in place of password exchange.”When strong authentication is easy to deploy, we make the Web safer for daily use, personal and commercial,” said Sir Tim Berners-Lee, Web Inventor and W3C Director. “With the scope and frequency of attacks increasing, it is imperative for W3C to develop new standards and best practices for increased security on the Web.”According to W3C CEO Dr. Jeff Jaffe, the Web Authentication effort will complement prior W3C work on a Web Cryptography API, currently in Candidate Recommendation status, and on-going work on Web Application Security specifications.However, the W3C said its Web Authentication technical work is being accelerated thanks to a W3C member submission of FIDO 2.0 Web APIs from members of the FIDO Alliance. The submitted APIs are intended to ensure standards-based strong authentication across all Web browsers and related Web platform infrastructure.This news is a significant step forward in the cross-industry FIDO Alliance's efforts to standardize strong authentication, said the alliance.Executive director Brett McDowell said: “Our mission is to revolutionize authentication on the Web through the development and global adoption of technical specifications that supplants the world's dependency on passwords with interoperable strong authentication. With W3C's acceptance of the FIDO 2.0 submission, and the chartering of this new Web Authentication Working Group, we are well on our way to accomplishing that mission.”