Google VP of security Eric Grosse and engineer Mayank Upadhyay have come up with a few ideas to help the internet become more secure. They explain in an upcoming paper for IEEE’s Security & Privacy magazine, “Along with many in the industry, we feel passwords and simple bearer tokens such as cookies are no longer sufficient to keep users safe”.
What do they suggest? Well, one idea is for a smart phone or smart card ring that can be worn to authorize a new computer to give you access to certain sites. The other idea is to plug a customized USB device while browsing the internet that automatically logs you into sites. When you unplug it, the sites no longer give you access.
There is one big problem I see. What happens if you lose these devices or simply forget them somewhere? It seems like a big pain to try to keep track of these devices when you can just input a password and get access instantly with the system we have in place currently. On the other side of the coin, if you are someone that easily forgets your passwords, this can be a very valuable tool.
It’s no surprise that most people dislike change. Who knows if these ideas will come to fruition or fizzle out, but it’s nice to see that someone is addressing this security issue. In the meantime, we suggest that you try out the multi step verification Google already has set up. Users input their password along with a verification code sent to their phones to ensure personal information from your Google account is not stolen by someone else. We are eager to see where Google goes with these ideas. Wouldn’t it be nice to not to have to remember another password again?