Tuesday, 22 January 2013

Google explores password alternatives, plans smart rings or USB-based cards


With Internet deepening its roots in our lives, the dependency on stronger and more complicated passwords has grown more than ever. However, most of us have multiple e-mail IDs, social networking accounts and for other online activities. Remembering long and different passwords for all IDs is quite painstaking. Search engine Google has now decided to resolve the problem by introducing a smart ring or a USB-based cards that can confirm users identity online.

In a paper that is going to be published in IEEE Security & Privacy Magazine this month, Google's VP of Security Eric Grosse and Mayank Upadhyay will be revealing the alternatives users may have for passwords in the near future.

The duo has also provided Wired a preview of their paper, which illustrates the option to use a cryptographic card from Yubico to log into Google services such as Chrome, Drive and Gmail. Wired in its report pointed out the Google engineers had to modify Chrome in order to get the cards working. But after the modification, no other installation was required. This means users can register with one click.

"We're focused on making authentication more secure, and yet easier to manage," says a Google spokesman in a statement. "We believe experiments like these can help make login systems better."

It's notable industries that handle secure information have been using authentication tokens to log into work accounts. But service providers such as Google have been using 'password' approach.

The paper also talks about the other options such as a “smart ring” or a device that would authorize a new PC with one tap. These devices will ultimately ease up burden of remembering passwords.

"Others have tried similar approaches but achieved little success in the consumer world," say Google officials. “Although we recognize that our initiative will likewise remain speculative until we've proven large scale acceptance, we're eager to test it with other websites."

“The future may not exactly be password-free, but it will at be least free of those complex, hard-to-remember passwords”, says Grosse. “We’ll have to have some form of screen unlock, maybe passwords but maybe something else, “but the primary authenticator will be a token like this or some equivalent piece of hardware.”

No comments:

Post a Comment