The Apple Watch could completely replace passwords and one-time codes, thanks to a new form of authentication being touted as a way to “solve the world’s password problem.”

I’ve argued before that passwords are horrible

They were fine way back in the days when we only needed a handful of them, but these days you need a password to do everything from transferring photos from a camera to an iPad through to ordering a pizza. We probably each have hundreds of the darned things.

And passwords are especially horrible on iOS devices — where we have to switch an on-screen keyboard between letters, numbers, and symbols multiple times to type a single password.

In theory, a combination of password managers and Face ID or Touch ID means we should never have to type them manually, but the reality is very different. We can all think of countless examples of occasions where an app, corporate system, or a website with many URL variations requires a manual login.

The problem with passwords

The FIDO Alliance, an organization founded to create a safer and simpler alternative to passwords, points to the numerous problems they create.

  • Passwords are the root cause of 80% of data breaches
  • The average person has more than 90 online accounts
  • Up to 51% of passwords are reused
  • A third of online purchases are abandoned due to a forgotten password
  • The average help desk cost of a single password reset is $70

There are already hardware alternatives to passwords, like the YubiKey, but one of the companies behind the FIDO Alliance believes it makes more sense to use a device many of us already have on our wrists: a smartwatch.

How your Apple Watch could replace passwords

To get the ball rolling, Nok Nok Labs is offering a FIDO-based SDK for the Apple Watch.

We allow smart watch Apps to strongly and conveniently authenticate to backend services — no need for the user to enter passwords or one-time passcodes.  This allows you to see your account balance, stock portfolio — and make sure others can’t.

With the Nok Nok App SDK for Smart Watch, our customers are able to standardize on next-generation authentication across all digital channels — including smart watches. Smart watch apps can have a strong, device-bound credential that doesn’t need frequent renewal and server-side infrastructure can be standardized to support industry standards, including FIDO next-generation authentication — across all digital channels.

Instead of being prompted for a password, your watch would simply ask you to tap a checkmark to authorize a login on your iPhone, iPad, Mac, or PC. Those without an Apple Watch can already do the same thing on a smartphone.

At the moment, it’s mostly being pushed for enterprise systems, but the longer-term aim is for FIDO to become a web standard so that passwordless authentication can be used for any website. That can’t happen a day too soon for me.


FTC: We use income earning auto affiliate links. More.

totallee clear case iphone 11

Check out 9to5Mac on YouTube for more Apple news:

You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

About the Author

Ben Lovejoy

Ben Lovejoy is a British technology writer and EU Editor for 9to5Mac. He’s known for his op-eds and diary pieces, exploring his experience of Apple products over time, for a more rounded review. He also writes fiction, with two technothriller novels, a couple of SF shorts and a rom-com!

Ben Lovejoy's favorite gear