Hitoshi Kokumai

6ヶ月前 · 1 分の読書時間 · visibility 0 ·

chat 著者への問い合わせ

thumb_up 関連性 message コメント

Who Benefits?

Who Benefits?Better Security!<br />
<br />
Better Security!<br />
<br />
Better Security!<br />
<br />
For whom it's better?

"Microsoft promises to ease the pains of going passwordless "   https://www.cnet.com/news/microsoft-promises-to-ease-the-pains-of-going-passwordless/

The report says “Roughly 200 million people using Microsoft services already have made the jump past passwords”. I would like to add “Who benefits?”

If ‘passwordless’ means ‘removal of the whole password family including PIN’, the ‘passwordless’ announcement was correct and this solution would be tantamount to an ATM that automatically dispenses your money against your bank card without asking for your PIN. Who benefits from this brilliant feat?

If those passwordless people were of the view that PIN, that is a numbers-only password, is not a password and therefore PIN can be used in a passwordless solution, who benefits from such misleading ‘PIN-dependent passwordless login’?

Unfortunately, too many security people are too indifferent to the true nature and characteristics of authentication factors.

Ref: “What We Know for Certain aboutAuthentication Factors”


* Attempts to compare the vulnerability of a wisely or poorly managed password with that of a poorly or wisely deployed physical token would obviously take us nowhere.




Key References 

“Removal of Passwords and Its SecurityEffect”

"Aiming to Destroy Democracy?"

Digital Identity for Global Citizens

Image-to-Code Conversion by Expanded Password System

Summary and Brief History - Expanded Password System

Proposition on How to Build Sustainable Digital Identity Platform

Additional References

Account Recovery with Expanded Password System

External Body Features Viewed as ‘What We Are’

 History, Current Status and Future Scenarios of Expanded Password System

Negative Security Effect of Biometrics Deployed in Cyberspace

Availability-First Approach

Update: Questions and Answers - Expanded Password System and Related Issues (30/June/2020)

 < Videos on YouTube>

Slide: Outline of Expanded Password System (3minutes 2seconds)

Digital Identity for Global Citizens (10minutes - narrated)

Demo: Simplified Operation on Smartphone for consumers (1m41s)

Demo: High-Security Operation on PC for managers (4m28s)

Demo: Simple capture and registration of pictures by users (1m26s)

Slide: Biometrics in Cyber Space - "below-one" factor authentication

< Media Articles Published in 2020 >

Digital Identity – Anything Used Correctly Is Useful https://www.valuewalk.com/2020/05/digital-identity-biometrics-use/

‘Easy-to-Remember’ is one thing ‘Hard-to-Forget’ is another https://www.paymentsjournal.com/easy-to-remember-is-one-thing-hard-to-forget-is-another/

Identity Assurance And Teleworking In Pandemic https://www.informationsecuritybuzz.com/articles/identity-assurance-and



thumb_up 関連性 message コメント
コメント

その他の記事 Hitoshi Kokumai

ブログを見る