Hitoshi Kokumai

1年前 · 1 分の読書時間 · visibility 0 ·

chat 著者への問い合わせ

thumb_up 関連性 message コメント

‘Improvised’ 2-factor authentication everyone can deploy right now at no cost

‘Improvised’ 2-factor authentication everyone can deploy right now at no costMemo with a Password written on it<br />
<br />
Device with a Password stored on it<br />
<br />
Is it correct to handle them as 'What We Know’<br />
like "Remembered Password’?

We would like to make a suggestion to extract an extra power from the ubiquitous legacy password systems.

It might take some more years before Expanded Password System we advocate becomes readily available to every citizen on the globe. As a stopgap measure for security-conscious citizens, we would suggest an 'improvised' two-factor authentication that everyone can deploy right now at no cost.

Combine a 'remembered password' (what we know) and a 'memo with a long password written on it' (what we possess). That's all. The combined password sent out to the authentication server, if properly hashed, has the much higher entropy that might well stand a rainbow attack and very fierce brute force attacks. Citizens would not have to worry so desperately if their hash data got leaked.

All that citizens need to do is take a small trouble of combining a remembered password and a memo with a long password written on it. Economically it absolutely costs nothing to both service providers and citizens. It can be started right now at any password accounts anywhere in the world. The global cyber space would be not a little safer than it is now depending on how quickly this suggestion spreads out.


#identity #authentication #password #security #safety #biometrics #ethic #privacy #civilrights #democracy


thumb_up 関連性 message コメント
コメント

その他の記事 Hitoshi Kokumai

ブログを見る