January 30, 2014

There is a huge amount of research literature on security, privacy, hacking, etc. associated with computer networks of all kinds. Almost all of these networks work on the principle of authenticating users before granting access. Similarly, all internet-based services, like your email account, online banking account, Facebook, etc., authenticate users before granting access. You need a user ID and a password to access all these services. When you use multiple services, you need to create multiple user IDs as well as passwords. The problem is that you need to be able to recall these when the need arises, so you either memorize them, write them down somewhere, or store them in the cloud. This becomes frustrating when you try to use really strong passwords for your accounts.

Can there be a better solution than using passwords? Can the sign-in process be simplified? People are making efforts in this direction. There is an online "petition against passwords" movement that seeks to educate both users and companies to simplify the sign-in process for accessing services. There are also industry efforts in this direction. The Fast Identity Online Alliance (FIDO) is also working in the same direction.

However, this is not the end of the issue. Solutions such as using device authentication for online authentication restrict ease of access with respect to devices. For instance, currently you can log in to your Gmail account from any computer. However, if a solution ties this login to your personal laptop, you will not be able to log in through any other device. It remains to be seen how this story unfolds. Will there really be a solution, or will users have to live with a compromise between security and privacy concerns on one end and ease of access on the other?