Google joins up with FIDO Alliance, looks to replace passwords with more secure methods

With all the hacking that’s been going on these days, (see AP’s Twitter hijinx from a few days ago), you may be wondering just how secure the traditional password method really is. I think it’s safe to say that, well… passwords aren’t very secure. And there’d be many who’d agree with you. Take the Fast Identity Online Alliance, a security group founded in 2012 that that looks to finally kill off the password, replacing it instead with hardware (NFC, voice, fingerprints, etc.) that must be used to authenticate a user before permitting access to online accounts and other sensitive information.

Today the FIDO Alliance announced their newest member: Google. Backed by heavy-weight such as PayPal and Lenovo, Google is just another ally for FIDO who needs backing from as many bigwigs as possible if they hope to bring their plans of a multiple standardized methods to fruition. Google, who already provides a variety of authentication processes like facial recognition in Android, or 2-step verification in Gmail, perfectly lines up with that goal. This reminds me, I should probably refresh all my passwords soon…

[via Press Release]

Continue reading:




  • Unorthodox

    I use Google Authenticator app with 2 step authentication, and it’s awesome.

  • Maximillion82

    Not sure why Google is going this way, their 2 way authenticator seems safer to me than the single password that PayPal uses.

  • VI

    Passwords aren’t the problem … its stupid security questions that are so generic they can be looked up on Facebook or other social media sites.

    Security questions are the dumbest thing we have today … WEAKENING passwords as they stand and defeating the entire point of two factor authentication. Instead of something you know and something you have …. it’s something you know OR something anyone can look up.

    Why this glaring hole needs a committee is mind boggling.

    • Montisaquadeis

      The way to get around that is to not put the obvious answers but to come up with something unique. Example What is your mothers middle name dont put their real name but something else that is unique at least that is what I do.

      • RitishOemraw

        Exactly…..I usually have 2 other passwords that I enter in those fields regardless of the question

      • OptimusL

        Or even something like “try and guess this” if they give you the option to make a custom question. Then they have no way to guess your answer.

    • h4rr4r

      Only if you are an idiot.
      When they ask for mothers maiden name, respond with the a sentence about your mom instead. Let her maiden name be “MY mom once forgot me at the pool, but i still like her”, let them get that from facebook.

  • guitarist5122

    This would be cool. I would love passwords to die. Just a fine print or vice recognition would be great. Granted it would need to be accurate

    • h4rr4r

      Both of those are easy to spoof. Gummi bear attack on finger print, and voice recognition can be attacked via recording.

    • JasonIvers

      Heh… I want to see someone promote their new “vice” recognition technology :)

  • SpackJarrow

    would love for finger print readers or the such like to work. I don’t understand why that feature hasn’t taken off on phones…

  • Christopher Robert

    Hardware solutions will be just as vulnerable as passwords eventually. Even if you scan your fingerprint it is still being transformed into digital code which can be spoofed of hacked to break passed the security block. This will still only be a temporary solution. Eventually hackers will crack these new hardware scanners and they will be just as flimsy of security as a password.

  • h4rr4r

    Good passwords are easy, just make them very long but easy to type and remember.

    Like so “This is my phone there are many like it but this one is my precious”, that would be a good password.