Free Republic
Browse · Search
News/Activism
Topics · Post Article

Skip to comments.

Google Wants to Replace All Your Passwords with a Ring
MIT Technology Review ^ | March 12, 2013 | By Tom Simonite

Posted on 03/12/2013 1:24:54 PM PDT by Red Badger

The world’s largest search engine is now experimenting with jewelry that would eliminate the need to remember dozens of passwords.

As part of research into doing away with typed passwords, Google has built rings that not only adorn a finger but also can be used to log in to a computer or online account.

The search and ad company first revealed its plans to put an end to passwords in an academic paper published online in January (see “Google’s Alternative to the Password”). The effort focused on having people plug a small USB key that provides their credentials into a computer. The possibility of using special jewelry in a similar manner was mentioned in that paper.

At the RSA security conference in San Francisco last month, Mayank Upadhyay, a principal engineer at Google who specializes in security, became the first person at Google to speak in public about that research. He said that using personal hardware to log in would remove the dangers of people reusing passwords or writing them down. He also thought people would feel some familiarity with the approach. “Everyone is familiar with an ATM. What if you could use the same experience with a computer?”

Upadhyay said that Google’s trial was focused on a slim USB key that performs a cryptographic transaction with an online service to prove the key’s validity when it’s plugged into a computer. The key also has a contactless chip inside so that it can be used to log in via mobile devices.

Tokens like the ones Google is testing do not contain a static password that could be copied. The cryptographic key unique to the device is stored inside and is never transmitted. When the key is plugged in, it proves its validity by correctly responding to a mathematical challenge posed by the online service it is being used to log into, in a way that doesn’t produce any information that could be used to log in again.

Speaking after the session, Upadhyay said that the company also had a prototype ring that could take the place of a password token, although he didn’t give details on how it works. “Some people are not comfortable with a [USB] token,” he said.

Google is already talking with other companies to lay the groundwork for using the technology to access different services and websites. “It’s extremely early stages, and we’re trying to get more partners,” said Upadhyay. Talks have already started with the FIDO Alliance, a consortium that in February launched technology intended to enable new methods of secure log-in that rely less heavily on typed passwords (see “PayPal, Lenovo Launch New Campaign to Kill the Password”).

“The other cool thing, which we’re really pushing for, is that it’s just built into the browser, so that you don’t have to bother installing middleware or anything else,” said Upadhyay. “We want to have the case where you could just go to your friend’s house and it just works.”

Google already offers a more secure log-in service called two-factor authentication, which involves a person entering a one-time code sent to their cell phone each time they log in. However, only an estimated 1 percent of Google’s users have adopted it, and Upadhyay says most people consider it too much effort to use.

Upadhyay didn’t say which company supplied the hardware at the core of the new trial, but the features he described are identical to a USB security key called the NEO made by Yubikey, a California company that launched in late 2012. Consumers can buy a NEO for $50, although companies buy them in bulk at lower prices.


TOPICS: Business/Economy; Culture/Society; Technical
KEYWORDS: 666; computers; internet; jewelry; security
Navigation: use the links below to view more comments.
first 1-5051-54 next last
One Ring to rule them all, One Ring to find them, One Ring to bring them all and in the darkness bind them
1 posted on 03/12/2013 1:24:55 PM PDT by Red Badger
[ Post Reply | Private Reply | View Replies]

To: ShadowAce

Tech Ping!.............


2 posted on 03/12/2013 1:25:36 PM PDT by Red Badger (Lincoln freed the slaves. Obama just got them ALL back......................)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Red Badger

Uh, huh. And when that ring gets stolen, or “borrowed” by your kids ... ???


3 posted on 03/12/2013 1:26:44 PM PDT by Fast Moving Angel (A moral wrong is not a civil right: No religious sanction of an irreligious act.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Red Badger
My Precious!
4 posted on 03/12/2013 1:28:05 PM PDT by JaguarXKE (Welcome to the new America.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Red Badger

For years I’ve had a chip in my brain stem so I can receive my marching orders directly from the Manchester Union Leader and the Wall Street Journal editorial page.


5 posted on 03/12/2013 1:28:16 PM PDT by billorites (freepo ergo sum)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Red Badger

I prefer Google’s 2-step model instead. You get an app for your phone and then it provides one time passwords when you login. Works well and you don’t need anything intrusive.


6 posted on 03/12/2013 1:29:28 PM PDT by Monty22002
[ Post Reply | Private Reply | To 1 | View Replies]

To: Red Badger

"The Ring! I can't believe you fell for the oldest trick in the book! What a goof! What's with you man? Come on! You know what? Here let me give it back to you."

[throws it down the grate] "Oh, look, you fell for that too! I can't believe it, man!"

7 posted on 03/12/2013 1:29:34 PM PDT by dfwgator
[ Post Reply | Private Reply | To 1 | View Replies]

To: billorites

Bill Loeb is dead, and the paper ain’t the same. Could’ve been worse, at least you didn’t go with National Review.


8 posted on 03/12/2013 1:30:27 PM PDT by Dr. Sivana ("C'est la vie" say the old folks, it goes to show you never can tell. -- Chuck Berry)
[ Post Reply | Private Reply | To 5 | View Replies]

To: Red Badger

The end of anonymity online, and also one short step from an implanted chip.


9 posted on 03/12/2013 1:30:39 PM PDT by DBrow
[ Post Reply | Private Reply | To 1 | View Replies]

To: Fast Moving Angel

Just buy one of these:

http://www.dadshop.com.au/whistle-key-finder


10 posted on 03/12/2013 1:30:58 PM PDT by Red Badger (Lincoln freed the slaves. Obama just got them ALL back......................)
[ Post Reply | Private Reply | To 3 | View Replies]

To: dfwgator

First smile of the day! Thanks!


11 posted on 03/12/2013 1:31:52 PM PDT by petro45acp (No good endeavour survives an excess of adult supervision)
[ Post Reply | Private Reply | To 7 | View Replies]

To: billorites

Better get one of these......

12 posted on 03/12/2013 1:31:55 PM PDT by Red Badger (Lincoln freed the slaves. Obama just got them ALL back......................)
[ Post Reply | Private Reply | To 5 | View Replies]

To: Red Badger

Shall I name mine “The Precious”, or “Isildur’s Bane”? Decisions, decisions .....


13 posted on 03/12/2013 1:32:02 PM PDT by cdcdawg
[ Post Reply | Private Reply | To 1 | View Replies]

To: DBrow

Retina scans will be next........

14 posted on 03/12/2013 1:34:18 PM PDT by Red Badger (Lincoln freed the slaves. Obama just got them ALL back......................)
[ Post Reply | Private Reply | To 9 | View Replies]

To: Red Badger

Oh I’m sure that Google would just love to get all my passwords loaded into a device they designed.

It’s never going to happen though.


15 posted on 03/12/2013 1:34:49 PM PDT by Steely Tom (If the Constitution can be a living document, I guess a corporation can be a person.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Red Badger

Sauron hoping to create millions of Nazgul?


16 posted on 03/12/2013 1:36:25 PM PDT by Altariel ("Curse your sudden but inevitable betrayal!")
[ Post Reply | Private Reply | To 1 | View Replies]

To: Red Badger
Damn. Beat me to it. Okay, then, here goes:

"Ash nazg thrakbatuluk, .....
Agh burzum-ishi krimpatul!"

Howzat?

17 posted on 03/12/2013 1:36:42 PM PDT by lentulusgracchus
[ Post Reply | Private Reply | To 1 | View Replies]

To: Red Badger

I am SURE that little USB ring is COMPLETELY waterproof, shockproof, etc., so you can wear it all the time, shower with it, work with it, swim with it, etc., right?
And it will almost NEVER be lost, stolen or misplaced.
Dumb idea.


18 posted on 03/12/2013 1:37:27 PM PDT by Little Ray (Waiting for the return of the Gods of the Copybook Headings.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Red Badger
He said that using personal hardware to log in would remove the dangers of people reusing passwords or writing them down

Uh, how about when it gets stolen, broken or dropped in the toilet? How do you log on to report it stolen and get a new one? How many tax dollars will be spent to give another bling-bling to the welfare scum and how much will the working stiffs have to fork over for it? No, thanks.

19 posted on 03/12/2013 1:38:06 PM PDT by bgill
[ Post Reply | Private Reply | To 1 | View Replies]

To: Red Badger
Retina scans will be next........

Hotlinked, of course, to your gene sequence, Social, federal LE and DHS files, and RW 4D location at that instant.

20 posted on 03/12/2013 1:38:46 PM PDT by lentulusgracchus
[ Post Reply | Private Reply | To 14 | View Replies]

To: DBrow

Don’t use Google! It’s a spy agency! I sent an email to a friend talking about his getting an emergency generator for his home. 15 minutes later I sent another email, and there were ads for generators on the right side of the page.
Use this search engine, which doesn’t track your id, ip, and no cookies;

https://www.ixquick.com/


21 posted on 03/12/2013 1:40:18 PM PDT by Dr. Bogus Pachysandra ( Ya can't pick up a turd by the clean end!)
[ Post Reply | Private Reply | To 9 | View Replies]

To: Red Badger

Better than rectum scans.


22 posted on 03/12/2013 1:40:42 PM PDT by USFRIENDINVICTORIA
[ Post Reply | Private Reply | To 14 | View Replies]

To: Red Badger

All your password belong to us!


23 posted on 03/12/2013 1:43:13 PM PDT by VRW Conspirator (Sometimes it takes calamity to lead to serenity - FReeper RacerX1128)
[ Post Reply | Private Reply | To 1 | View Replies]

To: USFRIENDINVICTORIA

Rectum?


24 posted on 03/12/2013 1:43:17 PM PDT by dfwgator
[ Post Reply | Private Reply | To 22 | View Replies]

To: Red Badger

There’s already little thumb print readers that do the same thing. It doesn’t really replace your passwords so much as enter them for you.


25 posted on 03/12/2013 1:43:50 PM PDT by discostu (Not just another moon faced assassin of joy.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Red Badger

No mugger has ever stolen people’s rings, of course. </S>


26 posted on 03/12/2013 1:44:22 PM PDT by Darnright ("I don't trust liberals, I trust conservatives." - Lucius Annaeus Seneca)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Little Ray

It probably is actually. Probably it’s just a RFID, the actual USB part is a RFID reader that detects you have the appropriate RFID.

As for not losing it, well that’s on you.


27 posted on 03/12/2013 1:46:23 PM PDT by discostu (Not just another moon faced assassin of joy.)
[ Post Reply | Private Reply | To 18 | View Replies]

To: Red Badger

““Everyone is familiar with an ATM. What if you could use the same experience with a computer?” “

ATMs are a pain in the ass to use!

I won’t wear a ring and don’t want to carry any hardware, keys in my pocket are bad enough.


28 posted on 03/12/2013 1:47:48 PM PDT by dalereed
[ Post Reply | Private Reply | To 1 | View Replies]

To: Red Badger

Well now, only need a portable implant to respond to the challenge so that no man could buy or sell without the 666 association.


29 posted on 03/12/2013 1:48:16 PM PDT by F15Eagle (1 John 5:4-5, 4:15, 5:13; John 3:17-18, 6:69, 11:25, 14:6, 20:31; Rom10:8-11; 1 Tim 2:5; Titus 3:4-5)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Red Badger

Wow, a magic decoder ring for real! The ones I used to send in cereal box tops for always turned out to be lame.


30 posted on 03/12/2013 1:48:16 PM PDT by JimSEA
[ Post Reply | Private Reply | To 1 | View Replies]

To: dfwgator

With a retinal scan, you press your eye against the scanner.

With a a rectal scan, you press your ... well you get the idea.


31 posted on 03/12/2013 1:50:11 PM PDT by USFRIENDINVICTORIA
[ Post Reply | Private Reply | To 24 | View Replies]

To: Red Badger

The next time you see someone missing a finger it will be some idiot that fell for Google’s ring and the thief cut off their finger to get their ring!


32 posted on 03/12/2013 1:51:48 PM PDT by dalereed
[ Post Reply | Private Reply | To 2 | View Replies]

To: Red Badger
Am I the only one remembering the "dongel" that plugged into the computer's parallel printer port that allowed you to use "copy protected" software. That didn't work out to well.

G

33 posted on 03/12/2013 1:56:31 PM PDT by Gandalf_The_Gray (I live in my own little world, I like it 'cuz they know me here.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Red Badger

What ding-a-ling thought this one up??


34 posted on 03/12/2013 2:01:37 PM PDT by Sacajaweau
[ Post Reply | Private Reply | To 1 | View Replies]

To: Red Badger

The people at Google have obviously never worked around machinery.


35 posted on 03/12/2013 2:02:29 PM PDT by fso301
[ Post Reply | Private Reply | To 1 | View Replies]

To: discostu

Still a stupid idea.
Thieves will be able to rip your RFID code off your ring; they already have problems with that with RFID credit cards. You have carry them in metal wallets to protect them from readers.
Anything readable WILL be ripped off by today’s hackers and thieves.


36 posted on 03/12/2013 2:02:42 PM PDT by Little Ray (Waiting for the return of the Gods of the Copybook Headings.)
[ Post Reply | Private Reply | To 27 | View Replies]

To: Gandalf_The_Gray
Am I the only one remembering the "dongel" that plugged into the computer's parallel printer port that allowed you to use "copy protected" software...

Oh, my no. We have a particularly stubborn vendor who insisted on using it after I'd replaced the servers it used to attach to. Ever try to find a parallel card that will fit a blade server? They finally - and grudgingly - came up with a "newfangled" USB key that had to be reseated at every reboot. We're now on an open-source competitor. Sheesh.

37 posted on 03/12/2013 2:03:09 PM PDT by Billthedrill
[ Post Reply | Private Reply | To 33 | View Replies]

To: Little Ray

It’s not really a big deal. The fact is the reader will be connected to your computer, if thieves have gotten access to your computer already they don’t need the ring. They can just take the computer and use any of the million ways to get around/ learn your passwords at their leisure.


38 posted on 03/12/2013 2:06:23 PM PDT by discostu (Not just another moon faced assassin of joy.)
[ Post Reply | Private Reply | To 36 | View Replies]

To: Red Badger
[RECOMMENDED PASSWORD FROM GOOGLE]



I'll pass...
39 posted on 03/12/2013 2:06:51 PM PDT by VanDeKoik
[ Post Reply | Private Reply | To 1 | View Replies]

To: Red Badger

Sounds great, until Frodo-like amputations start to show up as a common crime MO.


40 posted on 03/12/2013 2:08:47 PM PDT by Pearls Before Swine
[ Post Reply | Private Reply | To 1 | View Replies]

To: discostu

No, hackers can actually pull RFID codes from the chip without accessing the computer. It really is a stupid idea.


41 posted on 03/12/2013 2:23:37 PM PDT by Little Ray (Waiting for the return of the Gods of the Copybook Headings.)
[ Post Reply | Private Reply | To 38 | View Replies]

To: Little Ray

But that gives them nothing. Now they have the RFID, without the reader on the other side all they’ve got is a big long number. It’s not like the credit cards where there are readers all over the place. For this the reader controls access to your computer, go to some other computer with something spoofing as your RFID and nothing happens.


42 posted on 03/12/2013 2:27:09 PM PDT by discostu (Not just another moon faced assassin of joy.)
[ Post Reply | Private Reply | To 41 | View Replies]

To: Red Badger

In India there is a project to photograph everyone’s pupils in the near IR for ID purposes. That’s 1.8 billion people!


43 posted on 03/12/2013 2:32:26 PM PDT by DBrow
[ Post Reply | Private Reply | To 14 | View Replies]

To: All

             




Startpage Search

LastPass encrypted password manager

(both freebies, btw)

44 posted on 03/12/2013 2:34:29 PM PDT by tomkat
[ Post Reply | Private Reply | To 1 | View Replies]

To: Dr. Bogus Pachysandra

lol .. Yup !


45 posted on 03/12/2013 2:39:48 PM PDT by tomkat
[ Post Reply | Private Reply | To 21 | View Replies]

To: tomkat

Hal, open the pod door.


46 posted on 03/12/2013 3:04:45 PM PDT by BipolarBob (Happy Hunger Games! May the odds be ever in your favor.)
[ Post Reply | Private Reply | To 44 | View Replies]

To: BipolarBob
HAL ! !
47 posted on 03/12/2013 3:10:13 PM PDT by tomkat
[ Post Reply | Private Reply | To 46 | View Replies]

To: JimSEA

Check out this decoder ring:

http://www.thinkgeek.com/product/e7b3/?pfm=Search&t=secret%20decoder%20ring


48 posted on 03/12/2013 3:17:45 PM PDT by Fast Moving Angel (A moral wrong is not a civil right: No religious sanction of an irreligious act.)
[ Post Reply | Private Reply | To 30 | View Replies]

To: Fast Moving Angel

I like these better:

http://www.decoderringtheatre.com/


49 posted on 03/12/2013 3:53:41 PM PDT by FateAmenableToChange
[ Post Reply | Private Reply | To 48 | View Replies]

To: Fast Moving Angel

“Uh, huh. And when that ring gets stolen, or “borrowed” by your kids ... ???”

Well, that wouldn’t be a problem in “the hood”, since no one would be able to figure out which ring is the hot one.


50 posted on 03/12/2013 4:23:41 PM PDT by BobL (Look up "CSCOPE" if you want to see something really scary)
[ Post Reply | Private Reply | To 3 | View Replies]


Navigation: use the links below to view more comments.
first 1-5051-54 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson