Google wants your next password to be your phone or a ring on your finger

googlelogo

The traditional password is now considered by many to be a security flaw. A combination of characters that can be cracked or even guessed is probably not the best way to safeguard our online lives today, and services like LastPass or 1Password provide an alternative through their software-generated passwords. But is there a better way to do it? Google seems to think so — and they want it to be physical objects.

A new research paper by the company will be published this month in the IEEE Security & Privacy magazine, but Wired already has a few details from the paper. The research done by Google involves numerous alternatives to the way we log into sites today, and the similarity between all of them is that they require physical devices. With these new methods, they aim to make password process not only simpler, but more secure.

One of the systems would involve embedded chips in smartphones. This would make sense because most people who would use a new kind of log-in process would probably have a smartphone anyway, and it’s something you always have with you. A more unusual method described in the research paper would use rings with embedded security tokens in them to log you in. While this could be convenient, I’m not sure how many people would like to have a ring on them just for their email password.

Something that is much more feasible at the moment is what they’re working on with YubiKey cryptographic cards, programming it to automatically log in a user when inserted into the USB port. This method doesn’t require any additional software, just a modified version of Chrome. Google is also working on a universal protocol that allows for device-based authentication, which would work independent of the company’s services, and would only require a browser to support the standard.

For now, we’re gonna have to look to Google’s two-step authentication, or services like LastPass if we want any added security. Despite the potential conveniences that Google’s proposed methods can bring, widespread adoption is probably a long ways off. But the important thing is, they’re working on it. And someday, all we’ll need for our computers to log us in would be our phone. Or a key. Maybe even a ring on our finger.

[via TechCrunch, Wired, image via Robert Scoble]

Share this post

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

6 comments

  1. cutting costs in your retailing business

    Nice weblog right here! Also your web site rather a lot up fast!
    What host are you the usage of? Can I get your associate link
    for your host? I want my site loaded up as
    fast as yours lol

  2. Rob (Down Under)

    @Susanne:
    I agree (invent something useful).
    I have been waiting decades for voice recognition, that works.
    When they get that right (or even before), the phone could be trained to recognize our voice pattern. And for added security if it thinks there is a fair chance that the voice trying to open the phone, matches, it could then throw a secret question at us.
    I am worried I will die before they get that right (they being the technology world), so that I can walk in the door and speak to the house, and the TV.

  3. Mike

    And please keep in mind: not everyone in the world (or even tech.-advanced countries) has a smartphone (or wants one, and its monthly expense), despite what many tech. writers and smartphone owners believe . . . .

  4. Susanne

    Sure, that would work. ‘Cause NO one ever loses their smartphone, or leaves their ring on the bathroom sink after washing their hands. What could possibly go wrong?? Next they’ll be suggesting we just get ourselves microchipped and do away with passwords altogether. Which might not be a bad idea all around, but somehow I don’t see people standing in line to have it done. Creating — and remembering — secure passwords isn’t that hard; people are just that lazy.

    Wish these people would put their collective genius toward making the stuff they’ve already invented work better instead of just moving on to the next “great idea”, leaving a string of half-cooked brainstorms behind them.