Google's Creepy Plan To Kill The Password

HardOCP News

[H] News
Joined
Dec 31, 1969
Messages
0
So, by a show of hands, how many of you out there would be okay with Google's current plan to kill the password? Anyone?

Abacus would lock or unlock devices and apps based on a cumulative "trust score" -- as your phone continually monitors and recognizes your location patterns, voice and speech patterns, how you walk and type, and your face (among other things).
 
Drink another verification can, and repeat the Mountain Dew pledge of allegiance into your phone before access is granted.
 
So if you fall down a cliff while hiking, you will not be able to unlock your phone?
Same if you are in a car accident and now walk with a limp?
How about a sore throat because you are sick? Guess you won't be able to call the Doctor.
 
There are some large user bases that don't even allow a cell phone into a computing environment, even today's "two-factor" authentication relying on SMS, which isn't really two-factor authentication but who's going to be picky, would not work in those environments. Completely relying on your cell phone as a vector and attestation proxy would never work.

As long as the Government/Military sector stays the way it is in this regard, I don't think we'll see the death of the password any time soon. Other methods may become available, but old-school will remain still for a good while.
 
Considering how Google Wallet became Android Pay all of a sudden stopped working because it can't recognize my android device as an android device, I am pretty fucking skeptical about handing off my verification to any mobile app made by them.
 
https://www.youtube.com/watch?v=3Hji3kp_i9k&feature=youtu.be&t=4m13s

Personally I don't use the finger print scanner on my phone. It's unlikely I'll have issues with the police, but using biometrics makes it easy for them to gain access to my phone. And I don't think they can guess a 4-6 digit pass code, nevermind an alpha numeric one.

The problem with finger prints, retina scans, etc, they are still just a collection of data transmitted as a file or possibly streamed. The file can be captured and used improperly. I might look secure and feel secure, but alone, it's not any better then a password, just a longer more complex series of data points but fundamentally no different then a collection of alpha-numeric. What's worse, everywhere you go, everything you touch becomes a possible capture point for your biometric signature. Would you walk around dropping off business cards everywhere with your three favorite passwords listed on them?
 
A fingerprint reader would be nice, or a retinal id. I've used both and trust them as much as a password or more.

Until someone needs access to your devices and decides to remove an eye or two, and cuts off your hands...
Haven't you watched Demolition Man? ;)
 
Excluding the thought that Google would be monitoring and parsing a lot of personal information (no thanks), authenticating based on bio-metric data along with whatever other properties they want to record seems like a bad idea. That information would need to be stored somewhere and used to authenticate a person. The issue is that if the data was ever taken, you now have an entire method of authentication that can't be used ever again because there are traits about a person that are now out in the open. The traits can't be changed. It's just really stupid. The same thing goes for stuff like thumbprint scanners.
 
As I get older and more sites won't let me put the password in I want, (you must use 3 capital letters, at least 3 different characters from *&#@$+-=%!?, 2 numbers and a batman symbol) I'm finding I have to reset my password more and more often. Maybe us old timers could find something like this useful......or, ya know, they could just let us use the fucking password that we want!
 
Just an extension of multifactor authentication and using more data points to confirm identify. Counter to the fear mongering if you lose a finger, voice from flu, etc. it should still be able to positively identify you from other data points. Makes sense.
 
As I get older and more sites won't let me put the password in I want, (you must use 3 capital letters, at least 3 different characters from *&#@$+-=%!?, 2 numbers and a batman symbol) I'm finding I have to reset my password more and more often. Maybe us old timers could find something like this useful......or, ya know, they could just let us use the fucking password that we want!


This... I have only ever had one account compromised, and it was my own stupidity. Stop forcing certain password types, let me determine my level of security needed for my information. It's even more annoying at work, now that they don't let us recycle PWs and I have to get a new one every 30 days -.-
 
great, so all someone needs is to mimic all those "alternative future security proof" pws to access my gmail account.
 
So Google wants to improve my security by monitoring and recording everything I do? And who watches the watcher?
 
Man, I really don't understand why silicon valley is flipping out over trying to reinvent password management. Just the other year I finally moved to one (PassPack) and I'm kicking myself for not moving to one a decade ago. It's not nearly as burdensome as it used to be way back in the day and just simply works. No need to do all this other crazy stuff for a stupid password.

One password to rule them all. There are plenty of guides out there to help in that department. Most people are just memorizing a single password anyways.
 
As I get older and more sites won't let me put the password in I want, (you must use 3 capital letters, at least 3 different characters from *&#@$+-=%!?, 2 numbers and a batman symbol) I'm finding I have to reset my password more and more often. Maybe us old timers could find something like this useful......or, ya know, they could just let us use the fucking password that we want!

Keepass is your friend.
 
There has actually been alot of research and development with passwordless authentication. In theory passwords we have now are a bad concept but they actually work well. It would take alot for people (general public) to move to a passwordless world. All about trust at the end of the day.
 
Back
Top