By Binu Paul email: firstname.lastname@example.org | Jan 19, 2013 11:47 AM EST
Can your passwords be replaced by tiny gadgets? Google thinks the era is not far away. Google's security team is already working on a project that will replace your passwords with USB keys, mobile phones and even jewelry that can act as a physical 'key' to access your accounts.
Google's security engineers are preparing a paper on the aforementioned research, which will be published in the engineering journal IEEE Security and Privacy Magazine later this month, reports Wired.
According to the report, it's just a matter of time before the idea of gadgets helping people to access their Web sites come true and that Google Vice President of Security Eric Grosse and Engineer Mayank Upadhyay have outlined many ways of materializing it in their research paper.
"Along with many in the industry, we feel passwords and simple bearer tokens such as cookies are no longer sufficient to keep users safe," Grosse and Upadhyay write in their paper.
Getting a peek at the paper, Wired reported that Google is mulling various ways of getting rid of passwords such as with a tiny Yubico cryptographic card, which when slid into a USB, can automatically log a user into Google. This can be done easily, without any software down, by modifying Google's Web browser to work in conjunction with the card. Google engineers are looking at a future day when you authenticate a device such as your smartphone or Yubico key to log into your online accounts. The devices can even be used like a car key.
"Some more appealing form factors might involve integration with smartphones or jewelry that users are likely to carry anyway," the authors wrote. "We'd like your smartphone or smartcard-embedded finger ring to authorize a new computer via a tap on the computer, even in situations in which your phone might be without cellular connectivity."
However, Google's efforts to kill passwords requires large-scale acceptance from Web sites that agrees for this sort of a device-centric login technique.
Even the two-step login option, introduced two year back, could not offer a full proof protection for users. According to the Google's two-way authentication process, the search engine sends a secret code via text message every time a user wants to log into his Google account from a new computer.
© 2013 Mobile & Apps All rights reserved. Do not reproduce without permission.