Google trial Yubikey as password all-in-one solution

With Google already strongly supporting NFC through Android Beam and Google Wallet the company has started looking into new ways to deploy wireless tech

 

The security team at Google are trialling new ways of logging into email and user accounts, with the aim of scrapping passwords entirely, in favour of a new Yubikey or even a ring that contains wireless technology.

In a new research paperto be published in IEEE Security and Privacy Magazine later this month, Google Vice President of Security Eric Grosse and Engineer Mayank Upadhyay have outlined future methods for logging into websites, voiding the need for passwords.

Google are currently experimenting with the Yubikey, a tiny Yubico cryptographic card, which will automatically log the web user into Google when slotted into a USB card reader, and although Google have had to adapt their existing web browser, there will no software downloads required. The user simply needs to log into the website, plug in the USB stick and then register it with a single click of the mouse.

The Yubikey will then be used in a similar way to a car or house key, which provides the main problem with this technology. Although it will drastically reduce the chances of your accounts being hacked; if you lose it, you have to report it missing/stolen immediately, and then have it replaced.

In the article, Grosse and Upadhyay said: “Along with many in the industry, we feel passwords and simple bearer tokens such as cookies are no longer sufficient to keep users safe,”

Eventually, the Google security team hope that they can then scrap the USB stick for a wireless equivalent, possibly linked into your mobile phone or jewellery: “We'd like your smartphone or smartcard-embedded finger ring to authorise a new computer via a tap on the computer, even in situations in which your phone might be without cellular connectivity.”

They add: "We'll have to have some form of screen unlock, maybe passwords but maybe something else, but the primary authenticator will be a token like this or some equivalent piece of hardware."

Grosse and Upadhyay believe this new technology will result in completely password-free log-ins, except when making significant changes to user accounts. However, it is not yet clear whether other websites will be willing to collaborate with Google on the idea.

Future tech: At a glance

future tech predictions
Future Tech: Predictions answered definitively

We were promised a variety of future tech, most of which have failed to hit the shelves. So, what ever happened to flying cars and teleportation? Answers please...

Comments

Be the first to comment…

Back to top
Close
T3 Newsletter
Sign up to recieve the T3 newsletters by entering your details below

Your Details

As you're registering with us. we'd like to think that you'd enjoy receiving the following emails; if you'd rather not receive them, please untick the boxes:

I would like to receive other emails from T3, Future Publishing Limited and it's group companies containing news, special offers and product information
I agree to the terms of use and privacy policy and confirm that I am over 16 years of age *
Close
Log in or Join

By clicking below you agree to our terms and conditions and our privacy policy

Log in to T3.com with your preferred social network

Log in with your T3.com account

CloseJoinPlease complete these additional details

Join T3.com with your preferred social network

OR

Join T3.com

Please tick this box to confirm you are 16 years old or over

Just so we know you're human

Newsletters

I would like to receive T3 email newsletters, packed full of the latest tech news, competitions and exclusive offers.

I would like to receive other emails from T3, Future Publishing Limited and its group companies containing news, special offers and product information.

I would like to receive offers from carefully selected third Parties. We will not share your data with the third party.

Close Edit your profile

Change your password

Newsletters

I would like to receive T3 email newsletters, packed full of the latest tech news, competitions and exclusive offers.

I would like to receive other emails from T3, Future Publishing Limited and its group companies containing news, special offers and product information.

I would like to receive offers from carefully selected third Parties. We will not share your data with the third party.

Social networks

You have authorised these social networks to interact with your T3.com account.

Please ensure you deactivate or revoke access to this website from within your social networks settings to ensure all permissions are removed.

Close Forgotten your password

Forgotten your password?

Please enter the email address that you used to sign up and we'll send you a new password

Close
Forgotten password
Don't have a T3 Account? Join now