Google Declares War On the Password 480
An anonymous reader writes "Wired reports on a research paper from Google employees about the future of authentication on the web. 'Along with many in the industry, we feel passwords and simple bearer tokens such as cookies are no longer sufficient to keep users safe,' the authors write. Their plan involves authenticating just once, to a single device, and then using that to unlock all of your other accounts. "We'd like your smartphone or smartcard-embedded finger ring to authorize a new computer via a tap on the computer, even in situations in which your phone might be without cellular connectivity." Recognizing that this isn't something they can accomplish on their own, they've gone ahead and created a device-based authentication protocol that is 'independent of Google, requires no special software to work — aside from a web browser that supports the login standard — and which prevents web sites from using this technology to track users.'"
Re:Yeah yeah, we have seen this before (Score:5, Funny)
One phone to rule them all, One phone to find them,
One phone to bring them all and in the darkness bind them
In the Land of Google where the Shadows lie.
Don't be evil!
Re:Tracking (Score:5, Funny)
security principles for authentication:
1) what you have
2) what you are
3) what you know
for google:
1) what you have: you have a tracking device that we'd like you to always have on and always transmit your location and other info to us.
2) what you are: you are a source of marketing info to us, as well as other info we can give/sell to others.
3) what you know: you are told that we are 'not evil' and we've repeated that so many time, you just KNOW its true.
Re:Brilliant idea (Score:5, Funny)