Google Tries to Tackle the Hackers with a Ring
Google's main bottomline is to make passwords a thing of the past.
Internet Search company Google and its gamut of engineers are currently working on a technology to eliminate the use of password encoding right from your computer, and instead transfers it to an external device where of course it is presumed only you can get access to it.
The external device being proposed could be a key card that plugs into your computer's USB port or a high-tech ring worn on your finger.
"We contend that security and usability problems are intractable," Eric Grosse, Google vice president of security, and Mayank Upadhyay, an engineer, wrote in an article slated to be published later this month in IEEE Security & Privacy Magazine. "It's time to give up on elaborate password rules and look for something better."
Although, it has long leveled up its security measures such as the implementation of the two-step verification, Messrs Grosse and Upadhyay said however not all of its Google users are protected by the two-step service.
With the proliferation of hacking, they are proposing the use of an alternative "USB token" that is tied to the user and plugs into a computer's USB port and then transmits identity via a website. Essentially, the user gets to access his or her accounts, without the need for entering passwords.
"We're focused on making authentication more secure, and yet easier to manage. We believe experiments like these can help make login systems better," The Age quoted an unidentified Google spokesperson.
"Physical device direct authentication has the benefit of not being susceptible to phishing attempts, and it also simplifies the process, meaning that it could work without an actual password for light security scenarios, and with a simple password in areas where you're more concerned about your privacy. There's still a risk of device theft or loss, but that's easier to mitigate and track than malware based hacking attempts," according to www.techcrunch.com.
Google had already said it is running a pilot program with YubiKey cryptographic card.
"We'd like your smartphone or smartcard-embedded finger ring to authorise a new computer via a tap on the computer, even in situations in which your phone might be without cellular connectivity," Google said in its research paper.
Articles on IEEE Security & Privacy Magazine can be accessed as this address --- http://www.computer.org/portal/web/computingnow/securityandprivacy