Hitoshi Kokumai

1年前 · 2 分の読書時間 · visibility ~100 ·

chat 著者への問い合わせ

thumb_up 関連性 message コメント

Text Password - Lamentable, Not Blamable

Text Password - Lamentable, Not Blamable

We can LAMENT that text passwords are so hard to manage, but it would be silly if we BLAME the text passwords when citizens do not have an alternative solution with which the citizens can achieve the same or better security without depending on the text passwords.

 We recommend a simple two-factor authentication made of ‘a remembered text password’ and ‘a memo with a long text password on it’.  The merits are that everyone can use at no cost, right now, anywhere in the world.

 It would enable you to extract an additional power from the legacy password systems of your service providers. With the high entropy that stands fierce brute force attacks, it can be used to create reliable master-passwords for single-sign-on services and password managers.

 We are an advocate of Expanded Password System that we believe will be the final solution to the password predicament, but it might well take some more years before it becomes readily available to every citizen on the globe, whereas the damaging password incidents show no sign of abating. It is why we wish to suggest this simple affordable stopgap solution for now.

Shortlisted for “FDATA Global Open Finance Summit & Awards 2019”

We have learned that Financial Data and Technology Association shortlisted our proposition on How to Build Sustainable Digital Identity Platform” for “FDATA Global Open Finance Summit & Awards 2019” held on 4-5/Dec in Edinburgh in the category of “Best innovation in security management – Who has done the most to protect consumer data” as per

https://fdata.global/summit/awards-2019/

https://fdata.global/wp-content/uploads/2019/11/2019-Summit-Agenda.pdf

Below is the summary of our proposition.

The subject of this article is a fragile digital identity built with a weak password, which makes a grave choke point of the cyber age.

Secret credentials are absolutely necessary for digital identity in democratic societies. The text password, which is a section of the secret credentials, is known to be too hard to manage. We could look for something other than the text password as the valid secret credential.

Three big myths are rampant in the sphere of digital identity. These are ‘Higher security to be achieved by removal of password’, ‘Passwords to be killed by the biometrics that is dependent on passwords' and ‘Passwords to be displaced by PIN that is no more than a weak form of numbers-only password’.

Unraveling these myths, we come to the conclusions that we must look for something really valid in the sphere of ‘Non-Text Password’ and that the identity of 'citizens' cannot be separated from their volition and memory while the identity of 'things' can be handled only technologically.

Our own autobiographic memory, especially episodic memory, enables us to come up with the most reliable digital identity platform, bidding farewell to the unsafe and torturous identity authentication.

< Related Articles >

Context-dependent Descriptions of ‘Password-less’ Authentication

Publication on EDPACS of Taylor & Francis

History, Current Status and Future Scenarios of Expanded Password System

#identity #authentication #password #security #safety #biometrics #fintech #ethic #privacy #civilrights #democracy


thumb_up 関連性 message コメント
コメント

その他の記事 Hitoshi Kokumai

ブログを見る