As revealed by Wired, Google VP of security Eric Grosse and engineer Mayank Upadhyay have outlined several ways to rethink the traditional password. The two are responding to the problem of password security. Passwords often don’t provide enough protection as we saw when tech journalist Mat Honan had many of his accounts hacked last August.
“Along with many in the industry, we feel passwords and simple bearer tokens such as cookies are no longer sufficient to keep users safe,” Grosse and Upadhyay write in an upcoming paper for IEEE’s Security & Privacy magazine.
Two ways the Googlers imagine changing the password?
- A smartphone or smart-card ring that you wear that can authorize a new computer to give you access to certain sites or to the machine itself.
- Plugging a customized USB drive into the computer while you are browsing that automatically logs you in to sites. When you take out the USB drive, the sites no longer give you access.
While these are just a few ideas, it’s hard to say if they will see the light of day soon or far in the future. In the meantime, security experts agree that you should turn on multi-factor authentication (if you’re offered the chance) to protect your accounts.
Blowfish12@2012 blowfish12.tk Author: Sudharsun. P. R.
- Google aims to replace passwords with ID ring (telegraph.co.uk)
- Google taps Yubico for password USB rings of the future (slashgear.com)
- Forget that password, Google wants to replace it with USB keys and ‘smart rings’ (digitaltrends.com)
- Google ‘planning’ to kill passwords (timesofindia.indiatimes.com)
- Google’s password proposal: One ring to rule them all (news.cnet.com)
- Google experimenting with USB ‘keys’ to access accounts in bid to kill off passwords (mytechnologyworld9.blogspot.in)