Moreover, users have a tendency to define passwords, little complex and very often obvious. Aware of this issue, Google has indicated that it has an ongoing project which aims pioloto implement a new security mechanism for gmail.
The authentication mechanism proposed by Google may be weird but considering that the use of biometrics is effective and inviolable (this time), then the proposal can be interesting. According to the Wired site, the investigation of this mechanism will be published in the magazine I EEE Privacy & Security which will be available later this month.
According to researchers from Google, the year 2012 has been the year that did reflect on the use of your password, since this is a cheap and weak mechanism to authenticate users on the Internet today.
The idea of Google is to make use of a small card Yubico that supports encryption and enabling the authentication of users. They should also be made of changes in browsers, for integration with this mechanism. At first it may be just a mini card after inserted into the USB port can do user authentication.
However, Google said that it is also planned to integrate this mechanism with smartphones or even a ring embedded in a smartcard. In these cases, if someone steals your smartphone or ring is easier to inform Google's own successful for it to take the appropriate action.
We'd like your smartphone or smartcard-embedded ring finger to authorize the new computer via a tap on the computer, even in situações Which in your phone might be without cellular connectivityFor this idea to succeed, Google is aware that this mechanism will be adopted by other services / businesses. For this, we have developed a protocol (details were not disclosed) that will allow the use of such a mechanism, and is fully independent of Google.
Note that Google has implemented about two years a security mechanism with two-step verification , which become more complex. However, this security mechanism can easily be "overtaken" by a phishing attack - a scam that uses spam or pop-up messages to deceive people in order to reveal credit card numbers, bank account information, numbers social security, passwords and other confidential or sensitive information.
This new authentication mechanism is interesting and based on the giant Google has everything to succeed. However it raises some issues such as the need to acquire a physical device for authentication. Let's see what the future holds and what paths to follow in the area of user authentication.
Consider this authentication mechanism, proposed by Google, will be effective?
Sem comentários:
Enviar um comentário