Google gives FIDO more bite
Google has joined the Fast IDentity Online Alliance (FIDO) in a move that will boost the group's goal of keeping all web users better protected by replacing online passwords with physical devices and other forms of authentication.india Updated: Apr 26, 2013 11:32 IST
Google has joined the Fast IDentity Online Alliance (FIDO) in a move that will boost the group's goal of keeping all web users better protected by replacing online passwords with physical devices and other forms of authentication.
A consortium of technology companies that already counts Lenovo and PayPal within its ranks, FIDO's mission is to kill off the password -- which it highlights is the weakest link in the internet security chain -- and replace it with another open-standards system that uses voice recognition, biometrics, NFC or physical tokens that is simple to implement, simple for consumers to use and is inexpensive and scalable enough to roll out as a global solution.
Though the alliance boasts one or two ‘heavy hitters,' the addition of Google at board level will no doubt help it to get its voice heard and to push ideas forward. Google is one of the industry's biggest and most vocal supporters of multi-factor authentication and in January this year published a whitepaper on ideas for replacing the password, which included a smart ring that tells a device a user is who they claim to be, or a token such as a key that plugs directly into a computer's USB port as a means of physical ID.
The latest survey from Ofcom, the UK media regulator, published this week, highlights that 55 percent of British internet users recycle the same password for all sites they visit and, as the average UK surfer visits 19 different websites every week, the risks to their personal security, should a password be revealed, is huge.
Likewise despite the ever growing number of attacks on mail services such as Yahoo! and networks like Twitter, LinkedIn and Word Press, the world's three most popular passwords (for the third year running) are still "password", "123456" and "1234567" according to SplashData's annual list of the worst log-ins, gathered and compiled from system hacks which in total recovered more than 8 million passwords.