January 21, 2013 By News Staff
With the plethora of online accounts these days, it's no wonder that forgotten or weak passwords are so common. But it's those weak passwords that cause the hijacking of online accounts, and Google is working to put a stop to it.
The company thinks that "physical" passwords -- that may come in the form of a piece of jewelry, such as a ring -- might be the answer, according to NetworkWorld. The basic idea is that people can use a single device put into a USB slot to log into all of their online accounts with one mouse click.
Current strategies to prevent online account hijacking, including the two-step identity verification system, are insufficient, according to Google's Eric Grosse and Mayank Upadhyay, partly due to the constant threat of attacks that exploit new bugs. And phishing is one of the biggest security threats today.
"It's time to give up on elaborate password rules and look for something better,"Grosse and Upadhyay say in a research paper scheduled to be published Jan. 28 in IEEE Security & Privacy.
Google's proposal is an encrypted USB-like device that people would use to log into password-protected websites and online accounts. The company says it's working on an internal pilot with an experimental USB device that users first register with multiple websites where they have accounts, NetworkWorld reported, and a compliant browser would make two new application programming interfaces (APIs) available to the website to be passed down to the attached device.
This Digital Communities white paper highlights discussions with IT officials in four counties that have adopted shared services models. Our aim was to learn about the obstacles these governments have faced when it comes to shared services and what it takes to overcome those roadblocks. We also spoke with several members of the IT industry who have thought long and hard about these issues. The paper offers some best practices for shared government-to-government services, but also points out challenges that government and industry still must overcome before this model gains widespread adoption.