March 13, 2013 weblog
Google vision of password rings heard at security event
(Phys.org) —Google finds much appeal in gaining the distinction of leading the way toward a future where USB sticks and rings can replace traditional passwords. The idea of killing off passwords has been an attractive one at Google for some time. This year, remarks by a Google engineer indicate Google is still taking the challenge seriously. Speaking at the recent RSA security conference in San Francisco, Google principal engineer, Mayank Upadhyay commented about Google's interest in a time when password obligations can be dumped and replaced with secure authentication tokens.
Google's focus on alternatives includes a slim USB key for inserting into a computer and proving validity, and with a chip inside so that it can be used to log into the user's sites via smartphone or tablet. Another pathway toward password replacement could be in the form of special jewelry to validate the user identity. Google has been paying additional attention to a prototype ring that could serve as an authentication device.
Google has been in touch with the FIDO (Fast IDentity Online) Alliance, formed in July last year to ease the way into more convenient but safe modes of authentication. The alliance hopes to come up with specifications for interoperable mechanisms that can end reliance on traditional passwords.
The argument in support of better authentication modes has been that the alternatives could relieve the headaches users have in forgotten or stolen passwords. Also, those who re-use their passwords across services have the risk of interception by malware. According to reports, Google has been discussing its aims with FIDO.
As of February this year, FIDO said its ranks included Internet companies, system integrators and security providers. The FIDO release said founding member organizations Agnitio, Infineon Technologies, Lenovo, Nok Nok Labs, PayPal, and Validity were developing the specification and FIDO-compliant products.
© 2013 Phys.org