Bizarre Theory of Password-less Authentication
The theory is “A ground force can be easily defeated by air attack. Then, removing the ground force from our defense will make our defense securer”.
Replace ‘ground force’ with ‘password’, ‘air attack’ with ‘password theft’ and ‘defense’ with ‘cybersecurity’ and we realize that this is what happens when ‘insufficient’ is mixed up with ‘harmful’ in cyberspace
Well, why are we so persistent in busting the falsehood of password-less authentication?
Because the wide-spread falsehood of password-less authentication is so persistent as indicated in this report – “Is the future of cybersecurity passwordless?”
https://www.openaccessgovernment.org/passwordless/97090/
The true effects of removing secret credentials are discussed here – “On Devastating Effects of Removing Password”
PS
A token-less authentication could also be achieved for ‘better security’ if ‘ground force/password’ is replaced with ‘physical token’. Intriguing, isn’t it?
Entertaining Security Parodies
Current foot brakes are far from sufficient in the slip distance. This means that the foot brake system is dangerous. We have now removed the dangerous foot brake system from the cars we sell. We instead offer the safer cars that are equipped with better steering handles, better acceleration pedals and better hand brakes.
Physical keys are often stolen, copied and abused. This means that the lock/key system is dangerous. We have now removed the dangerous lock/key system from the houses that we sell. We instead protect our houses by making the door panels thicker and heavier
Passwords are often stolen, leaked and abused. This means that the password system is dangerous. We have now removed the dangerous password system from digital identity. We now protect the digital identity of our clients by offering the safer combinations of ‘physical tokens and biometrics’ instead of the dangerous combinations of ‘passwords’, ‘physical tokens’ and ‘biometrics’.
A house with two entrances provides better security against burglars than a house with one entrance. We suggest the owners of one-entrance houses to place an extra entrance for better security in the regions where we do not have to care about the definition of ‘better’ or for whom it is ‘better’.
Biometrics, when used as an authenticator in cyber space, needs to be deployed in ‘multi-entrance’ method with a password/PIN as a fallback measure against false rejection. We now offer the password/PIN-dependent biometrics that provides better security than the password¬-alone authentication. Our proposition is viewed as valid where they do not ask the definition of ‘better’ or for whom it is ‘better’.
A paper knife (specific/subordinate concept) belongs to the knife (general/superordinate concept). Therefore, a paper knife must be able to perform what the knife is unable to perform.
A PIN, which is a weak form of numbers-only password, belongs to the password. A PIN (specific/subordinate) must be able to offer the high level security that the password (general/superordinate) is unable to offer, possibly in a cyber version of Alice’s Wonderland.
Hitoshi Kokumaiの記事
ブログを見るWe today take up this report “NSA: We 'don't know when or even if' a quantum computer will ever be a ...
The quantum computer held in a bad guy’s hand is indeed a big threat. So is the artificial intellige ...
Some friends directed my attention to this news report - · “Biometric auth bypassed using fingerpri ...
関連プロフェッショナル
この職種に興味がある方はこちら
-
塾講師 アルバイト 個別指導
次の場所にあります: beBee S2 JP - 36分前
個別指導東京学生会 和光教室 和光市, 日本 パートタイム雇用形態 · アルバイト · 職種・指導形態 · 個別指導 · 給与 · 1授業80分1,790円〜2,090円 · *上記は高校生を含む生徒2人の指導の場合。研修期間75日間は1コマ1730円。研修終了後に1790円にUP。中学生2人は1650円(研修中は1590円) · ★勤務日数75日ごと、60円ずつ時給UP 300円まで昇給 · 最寄駅 · 和光市駅より徒歩8分 · 朝霞駅より徒歩27分 · 待遇 · ★75日の勤務実績で60円ずつUP · *勤務日数に応じて昇給します · *勤務実績やかんたんな昇給テストによりますが、ほとんどの講師が昇給します ...
-
プラントエンジニア
次の場所にあります: beBee S2 JP - 1日前
西日本プラント工業株式会社 福岡市, 日本 フルタイム· ■ この求人のポイント · 【持続可能な社会の実現に貢献】脱炭素社会に向かう社会の変化をチャンスに変え、新たな可能性を追求 · 1954年の創業以来、九州エリアを中心に火力発電設備や原子力発電設備等の設計、建設からメンテナンスまでを担い、電力の安定供給に貢献してきた当社。 · 脱炭素社会に向けた変革や、少子高齢化、デジタル化など社会が大きく変化していく中、当社は新エネルギー領域への取り組みなど、これまでの活動領域に囚われない新たな可能性を求めて日々挑戦を続けています。あなたもそんな当社で、経験を活かして活躍しませんか? · ■ 仕事内容 · 具体的 ...
-
臨床検査技師
次の場所にあります: Talent JP C2 - 1日前
公開範囲1.等を含む求人情報を公開する Tsugaru, 日本 フルタイム仕事内容 · ・外来患者さんの検査がメイン業務です。 · ・採血、血液検査(外注と院内どちらもあります)。 · ・心電図、ホルター心電図、24時間血圧計、脈波。 · ・尿検査、簡易ウイルス検査等。 · ・ブランクのある方やクリニックの内科外来が初めての方でも応募 · 可能です。 · ・慣れるまでは先輩職員が付き添いサポートします(入社後すぐに · 1人に全てを任せることはありません)。 · ・見学も可能です。お気軽にご相談下さい。 · *65歳以上の方の応募も歓迎します(労働条件変更なし)。 雇用形態 正社員 派遣・請負等 就業形 ...
コメント
Zacharias 🐝 Voulgaris
3年前 #3
True. Also, the entropy of a PIN password is fairly low, compared to other, more complex passwords, especially those involving random characters. My encryption systems work primarily with 0 ectropy keys (i.e., keys having the maximum possible entropy). Also, they are what s referred to in the industry, post-quantum. I still believe that there is room for synergy between your technology and mine. Cheers
Hitoshi Kokumai
3年前 #2
Do you know some people at Microsoft allege "PIN is not Password. So replacing a password with a PIN enables them to claim that they can achieve a password-less authentication"? The rest of us know that the PIN is no more than a numbers-only password.
Zacharias 🐝 Voulgaris
3年前 #1