Passwords ‘no longer enough’ for online safety

A Google research paper highlights the lack of protection passwords offer internet users and the growing need to reinvent the authentication system to ensure safe surfing.

The paper, set to be published in the IEEE Security & Privacy Magazine later this month but already seen by Wired Magazine, puts forward a strong argument for the abolition of traditional internet passwords in favour of a physical token such as a “smart ring” or a card that connects to the computer via the USB slot.

“Along with many in the industry, we feel passwords and simple bearer tokens such as cookies are no longer sufficient to keep users safe,” write Google’s Eric Grosse and Mayank Upadhyay in the paper.

“We’d like your smartphone or smartcard-embedded finger ring to authorise a new computer via a tap on the computer, even in situations in which your phone might be without cellular connectivity,” they add.

The paper highlights the difficulty users have in creating and remembering strong and unique passwords for each of their online services and also shows the progress Google has already made in adopting its own services to work with a YubiKey — a small cryptographic card — which, when connected to a computer’s USB port, automatically logs the user into Google.

Barely a week goes by without a report of a high-profile website or web service — from Google Mail to Yahoo to Sony — being hacked and account details being compromised. In August, a single Dropbox employee’s account was hacked and the attackers obtained a list of users’ email addresses. In June last year, hackers stole 6m LinkedIn passwords and posted them to a Russian site to crowdsource the key to their encryption.

At the same time, the threat of malware and phishing attacks has never been greater. Use of a physical token for identification would cancel all of these threats, and if any company has the power and influence to change the way users are authenticated on the web, it is Google.

© Irish Examiner Ltd. All rights reserved

Email Updates

Receive our lunchtime briefing straight to your inbox

Breaking Stories

German archaeologist kidnapped from Nigerian village

£3.5bn needed to avoid catastrophic Sudanese famine but just £74m collected, UN

Le Pen aide charged in European Parliament jobs probe

Amazon resists request for Echo data in murder case

Lifestyle

Cork native Eimear Varian Barry says being snap happy has been extremely lucrative

Here's how to make money out of your social media following

GAMETECH: Dawning of a brand new experience

A real Catastrophe as hit show returns without Carrie Fisher

More From The Irish Examiner