Pocket Computer Could Someday Eliminate Passwords
RSS feeds on msnbc.com
Add these headlines to your news reader
How much easier would your day-to-day technological interactions be — logging on to your Facebook and Twitter pages, your email, your bank account — if you never had to remember another password, ever?
Frank Stajano, a University of Cambridge computer science researcher, envisions such a utopia, and he has an idea to get us there. It's called "Pico," a tiny portable computer capable of acting as an authenticator for thousands of different devices and services, Andy Greenberg from Forbes reported.
In his paper, "Pico: No more passwords!" which he presented at last week's USENIX security conference, Stajano explained that Pico would be small device with a radio and camera that would use cryptography to create and store keys for every device it needed to authenticate.
"When it authenticated with those pieces of hardware or software, the Pico's camera would read a visual code on a login screen or device to identify it, and then send out a message over its radio to a remote login server, encrypting a message to it that only the service would be able to decrypt with a secret key," Greenberg explained.
As a final step, the remote server would send back a message to the Pico computer that, once decrypted, would unlock the target.
"Pico replaces all passwords, not just Web ones, including screen saver passwords, passphrases to unlock files on your local computer and the PINs of standalone devices such as your car stereo, burglar alarm, phone or smart cards," Stajano wrote in his paper.
He added that when using Pico, "the user no longer has to type the damn password."
Certainly seems like a no-brainer: it would eliminate not only the need to remember dozens of different passwords, especially long, complex ones, but it would also thwart malicious apps, keyloggers and Trojans from stealing passwords. The traditional and rampant techniques cybercriminals use to steal users' online credentials would effectively be rendered obsolete.
There is one small problem. Pico doesn't exist. But it's Stajano's vision that Pico will be developed and put into widespread use.
"I have decided not to patent any aspect of the Pico design," he wrote. "If you wish to improve it, build it, sell it, get rich and so forth, be my guest."
- 6 Signs Your Computer Has Been Infected … and 4 Ways to Fix It
- How to Create, Remember Super-Secure Passwords
- How Password Generators Work
MORE FROM SECURITY
Add Security headlines to your news reader: