Google thinks it might have found an answer to the vexing problem of forgotten or weak passwords: "physical" passwords, which might come in the form of a piece of jewelry such as a ring.
In a research paper, two of its engineers write that current strategies to prevent the hijacking of online accounts, including the two-step identity verification system, are insufficient, partly due to the constant threat of attacks that exploit new bugs.
Google highlights phishing, in which hackers dupe account holders into revealing sensitive information by making them sign into a fake account log-in page, as one of the biggest security threats of today.
"It's time to give up on elaborate password rules and look for something better," the authors say. The research paper, by Google's Eric Grosse and Mayank Upadhyay, is to be published January 28 in the publication IEEE Security & Privacy. It was first reported on by Wired on Friday.
To read this article in full or to leave a comment, please click here
Comment