Passwords have always been a feeble aspect of digital security.Perhaps this is what is making Google to move away from passwords and look for more security in dedicated devices.However,it needs to persuade the rest of the web to follow the scheme.
IEEE Security & Privacy Magazine edition for the next month will carry a report by Google VP of security, Eric Grosse and Mayank Upadhyay,who is
an engineer,about their vision on a world without passwords and why it will be more secure.These authors will describe a scenario in their report where they will explain how a single device will be used to confirm the identity of the users.
YubiKey,a minute cryptographic USB was used in their experiments,which is a customized version of Google Chrome.The idea is to take the wireless technology and integrate it with the devices of the users such as mobile phones.Well,of course,you would be in trouble if you misplace your authenticator gadget.
The new and important piece of research extends further than Google.A Google-independent protocol has been developed that requires special software to validate a security device.It also prevents websites from keeping track of the users by means of their security tools.The user just needs to be running browser that sustains the protocol.
Google,along with other main websites is looking for means to strengthen passwords with 2-step verification systems.Users can make use of a special app generating entry codes or make use of six-digit code when logging.
Facebook, and other major services are looking for better security and offering similar options.Google is convinced that passwords and cookies are no longer adequate to keep users safe.There are some better options that offer better security and do away with the need of passwords.It will be interesting to see how things work out in the future and make internet a safer place to be in.