Wednesday, March 3, 2021
  • Setup menu at Appearance » Menus and assign menu to Top Bar Navigation
Advertisement
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
No Result
View All Result
Home Internet Security

MWC 2019: Your future Android phone, apps will need no password

February 25, 2019
in Internet Security
MWC 2019: Your future Android phone, apps will need no password
586
SHARES
3.3k
VIEWS
Share on FacebookShare on Twitter

You keep hearing the warnings: use unique, strong, complex and lengthy passwords for each of your online accounts — and, of course, make sure you don’t forget them.
 
It is a trifle for many threat actors to brute-force simple and easy-to-remember passwords which are in constant circulation, and as companies now often enforce strong password policies and two-factor authentication (2FA), password management can be difficult to keep up with without the help of dedicated password managers (some, of which, have recently been found to be rather less secure than we would like).
 
What if, then, passwords were completely removed in favor of something else?

On Monday at Mobile World Congress (MWC) 2019 in Barcelona, Google and the FIDO Alliance outlined what such a future may look like for Android users.

You might also like

Malaysia Airlines suffers data security ‘incident’ spanning nine years

Remote work: 5 things every business needs to know

New app rollout helps reduce paperwork for NSW frontline child protection caseworkers

Together, the organizations revealed that the Android operating system is now FIDO2 certified, which means that passwords could one day be fully eradicated in the mobile ecosystem.

The FIDO Alliance is an open industry association which focuses on bringing down our reliance on passwords. Made up of companies including Amazon, Arm, Google, Intel, Lenovo, and Microsoft, among many others, the organization is also the creator of specifications for improved authentication standards.   

Among these standards are FIDO Universal Second Factor (FIDO U2F), FIDO Universal Authentication Framework (FIDO UAF) and FIDO2, which implements the W3C’s Web Authentication (WebAuthn) specification and the FIDO Client to Authenticator Protocol (CTAP).

FIDO2-enabled devices permit users to log in to online services and apps through FIDO security keys — such as YubiKey — or biometrics including fingerprint readers and cameras, all of which are backed by cryptographic security.

See also: Fake Google reCAPTCHA used to hide Android banking malware 

This can not only prevent eavesdropping and Man-in-The-Middle (MiTM) attacks but also remove what is often a weak point in online security services — the possibility of passwords being brute-force attacked.

Now that Android is FIDO2 certified, this paves the way for over a billion devices to implement passwordless authentication standards as long as they are operating on Android version 7.0 or above.

Android app and web developers can now add FIDO authentication to their software through an API call, which the companies say will bring “passwordless, phishing-resistant security to a rapidly expanding base of end users who already have leading Android devices and/or will upgrade to new devices in the future.”

It could be possible, for example, to implement a simple sign-on in a browser-based service and potentially carry on this authentication to access an accompanying Android mobile device without the need to validate a user multiple times.

TechRepublic: 5 workplace technologies that cause the most employee data breaches

“Google has long worked with the FIDO Alliance and W3C to standardize FIDO2 protocols, which give any application the ability to move beyond password authentication while offering protection against phishing attacks,” said Christiaan Brand, Product Manager at Google. “Today’s announcement of FIDO2 certification for Android helps move this initiative forward, giving our partners and developers a standardized way to access secure keystores across devices, both in market already as well as forthcoming models, in order to build convenient biometric controls for users.”

While a number of browsers including Google Chrome, Microsoft Edge, and Mozilla Firefox — with Apple’s Safari browser included as a preview and a potential future rollout — already support the system, the shift to a mobile ecosystem which caters to users in the billions represents what could be a radical change for what we consider basic online security.

CNET: Microsoft says Russian hackers targeted European researchers

With so many of us still using terribly easy-to-crack passwords and automated hacking tools making brute-force attacks a breeze, passwordless, strong authentication which relies on authenticity cues which may be far more difficult to break can only be of benefit to online users. It simply remains to be seen how many developers adopt the standard. 

Previous and related coverage

Credit: Source link

Previous Post

And Monty Hall Went Bayesian...

Next Post

Study: Partnered with machine learning, brain scans reveal how people understand objects in our world — (Details)

Related Posts

Malaysia Airlines suffers data security ‘incident’ spanning nine years
Internet Security

Malaysia Airlines suffers data security ‘incident’ spanning nine years

March 3, 2021
Remote work: 5 things every business needs to know
Internet Security

Remote work: 5 things every business needs to know

March 3, 2021
New app rollout helps reduce paperwork for NSW frontline child protection caseworkers
Internet Security

New app rollout helps reduce paperwork for NSW frontline child protection caseworkers

March 3, 2021
Linux Mint may start pushing high-priority patches to users
Internet Security

Linux Mint may start pushing high-priority patches to users

March 3, 2021
Ransomware puzzle: These two pieces of malware look very different, but they evolved from the same root
Internet Security

Ransomware puzzle: These two pieces of malware look very different, but they evolved from the same root

March 3, 2021
Next Post
Study: Partnered with machine learning, brain scans reveal how people understand objects in our world — (Details)

Study: Partnered with machine learning, brain scans reveal how people understand objects in our world — (Details)

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

January 6, 2019
Microsoft, Google Use Artificial Intelligence to Fight Hackers

Microsoft, Google Use Artificial Intelligence to Fight Hackers

January 6, 2019

Categories

  • Artificial Intelligence
  • Big Data
  • Blockchain
  • Crypto News
  • Data Science
  • Digital Marketing
  • Internet Privacy
  • Internet Security
  • Learn to Code
  • Machine Learning
  • Marketing Technology
  • Neural Networks
  • Technology Companies

Don't miss it

Malaysia Airlines suffers data security ‘incident’ spanning nine years
Internet Security

Malaysia Airlines suffers data security ‘incident’ spanning nine years

March 3, 2021
URGENT — 4 Actively Exploited 0-Day Flaws Found in Microsoft Exchange
Internet Privacy

URGENT — 4 Actively Exploited 0-Day Flaws Found in Microsoft Exchange

March 3, 2021
This Protein Therapeutics Company Integrates Wet Lab For High-Speed Characterization With Machine Learning Technologies To Guide The Search For Better Antibodies
Machine Learning

This Protein Therapeutics Company Integrates Wet Lab For High-Speed Characterization With Machine Learning Technologies To Guide The Search For Better Antibodies

March 3, 2021
Breadcrumbing Job Applicants: Bad for Employers
Marketing Technology

Breadcrumbing Job Applicants: Bad for Employers

March 3, 2021
Remote work: 5 things every business needs to know
Internet Security

Remote work: 5 things every business needs to know

March 3, 2021
Yum! Brands Acquires AI Company
Machine Learning

Yum! Brands Acquires AI Company

March 3, 2021
NikolaNews

NikolaNews.com is an online News Portal which aims to share news about blockchain, AI, Big Data, and Data Privacy and more!

What’s New Here?

  • Malaysia Airlines suffers data security ‘incident’ spanning nine years March 3, 2021
  • URGENT — 4 Actively Exploited 0-Day Flaws Found in Microsoft Exchange March 3, 2021
  • This Protein Therapeutics Company Integrates Wet Lab For High-Speed Characterization With Machine Learning Technologies To Guide The Search For Better Antibodies March 3, 2021
  • Breadcrumbing Job Applicants: Bad for Employers March 3, 2021

Subscribe to get more!

© 2019 NikolaNews.com - Global Tech Updates

No Result
View All Result
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News

© 2019 NikolaNews.com - Global Tech Updates