Google's Creepy Plan To Kill The Password

HardOCP News

[H] News
Joined
Dec 31, 1969
Messages
0
So, by a show of hands, how many of you out there would be okay with Google's current plan to kill the password? Anyone?

Abacus would lock or unlock devices and apps based on a cumulative "trust score" -- as your phone continually monitors and recognizes your location patterns, voice and speech patterns, how you walk and type, and your face (among other things).
 

File

Gawd
Joined
Oct 23, 2003
Messages
844
Drink another verification can, and repeat the Mountain Dew pledge of allegiance into your phone before access is granted.
 

nutzo

Supreme [H]ardness
Joined
Feb 15, 2004
Messages
7,380
So if you fall down a cliff while hiking, you will not be able to unlock your phone?
Same if you are in a car accident and now walk with a limp?
How about a sore throat because you are sick? Guess you won't be able to call the Doctor.
 

lcpiper

[H]F Junkie
Joined
Jul 16, 2008
Messages
10,611
There are some large user bases that don't even allow a cell phone into a computing environment, even today's "two-factor" authentication relying on SMS, which isn't really two-factor authentication but who's going to be picky, would not work in those environments. Completely relying on your cell phone as a vector and attestation proxy would never work.

As long as the Government/Military sector stays the way it is in this regard, I don't think we'll see the death of the password any time soon. Other methods may become available, but old-school will remain still for a good while.
 

nilepez

[H]F Junkie
Joined
Jan 21, 2005
Messages
11,632

Seventyfive

[H]ard|Gawd
Joined
Jul 14, 2004
Messages
1,347
Considering how Google Wallet became Android Pay all of a sudden stopped working because it can't recognize my android device as an android device, I am pretty fucking skeptical about handing off my verification to any mobile app made by them.
 

lcpiper

[H]F Junkie
Joined
Jul 16, 2008
Messages
10,611
https://www.youtube.com/watch?v=3Hji3kp_i9k&feature=youtu.be&t=4m13s

Personally I don't use the finger print scanner on my phone. It's unlikely I'll have issues with the police, but using biometrics makes it easy for them to gain access to my phone. And I don't think they can guess a 4-6 digit pass code, nevermind an alpha numeric one.
The problem with finger prints, retina scans, etc, they are still just a collection of data transmitted as a file or possibly streamed. The file can be captured and used improperly. I might look secure and feel secure, but alone, it's not any better then a password, just a longer more complex series of data points but fundamentally no different then a collection of alpha-numeric. What's worse, everywhere you go, everything you touch becomes a possible capture point for your biometric signature. Would you walk around dropping off business cards everywhere with your three favorite passwords listed on them?
 

Red Falcon

[H]F Junkie
Joined
May 7, 2007
Messages
10,253
A fingerprint reader would be nice, or a retinal id. I've used both and trust them as much as a password or more.
Until someone needs access to your devices and decides to remove an eye or two, and cuts off your hands...
Haven't you watched Demolition Man? ;)
 

Scottw

Limp Gawd
Joined
May 8, 2001
Messages
170
Excluding the thought that Google would be monitoring and parsing a lot of personal information (no thanks), authenticating based on bio-metric data along with whatever other properties they want to record seems like a bad idea. That information would need to be stored somewhere and used to authenticate a person. The issue is that if the data was ever taken, you now have an entire method of authentication that can't be used ever again because there are traits about a person that are now out in the open. The traits can't be changed. It's just really stupid. The same thing goes for stuff like thumbprint scanners.
 

MacLeod

Supreme [H]ardness
Joined
Jul 28, 2009
Messages
7,652
As I get older and more sites won't let me put the password in I want, (you must use 3 capital letters, at least 3 different characters from *&#@$+-=%!?, 2 numbers and a batman symbol) I'm finding I have to reset my password more and more often. Maybe us old timers could find something like this useful......or, ya know, they could just let us use the fucking password that we want!
 

mi7chy

2[H]4U
Joined
May 22, 2013
Messages
3,985
Just an extension of multifactor authentication and using more data points to confirm identify. Counter to the fear mongering if you lose a finger, voice from flu, etc. it should still be able to positively identify you from other data points. Makes sense.
 

Kazzanova

Weaksauce
Joined
Jul 8, 2008
Messages
108
As I get older and more sites won't let me put the password in I want, (you must use 3 capital letters, at least 3 different characters from *&#@$+-=%!?, 2 numbers and a batman symbol) I'm finding I have to reset my password more and more often. Maybe us old timers could find something like this useful......or, ya know, they could just let us use the fucking password that we want!

This... I have only ever had one account compromised, and it was my own stupidity. Stop forcing certain password types, let me determine my level of security needed for my information. It's even more annoying at work, now that they don't let us recycle PWs and I have to get a new one every 30 days -.-
 

samm

[H]ard|Gawd
Joined
Jul 17, 2013
Messages
1,757
great, so all someone needs is to mimic all those "alternative future security proof" pws to access my gmail account.
 

Dead Parrot

2[H]4U
Joined
Mar 4, 2013
Messages
2,757
So Google wants to improve my security by monitoring and recording everything I do? And who watches the watcher?
 

Liger88

2[H]4U
Joined
Feb 14, 2012
Messages
2,657
Man, I really don't understand why silicon valley is flipping out over trying to reinvent password management. Just the other year I finally moved to one (PassPack) and I'm kicking myself for not moving to one a decade ago. It's not nearly as burdensome as it used to be way back in the day and just simply works. No need to do all this other crazy stuff for a stupid password.

One password to rule them all. There are plenty of guides out there to help in that department. Most people are just memorizing a single password anyways.
 

nilepez

[H]F Junkie
Joined
Jan 21, 2005
Messages
11,632
As I get older and more sites won't let me put the password in I want, (you must use 3 capital letters, at least 3 different characters from *&#@$+-=%!?, 2 numbers and a batman symbol) I'm finding I have to reset my password more and more often. Maybe us old timers could find something like this useful......or, ya know, they could just let us use the fucking password that we want!
Keepass is your friend.
 

jj14

Weaksauce
Joined
Jan 6, 2016
Messages
105
There has actually been alot of research and development with passwordless authentication. In theory passwords we have now are a bad concept but they actually work well. It would take alot for people (general public) to move to a passwordless world. All about trust at the end of the day.
 
Top