Jump to content

Standards Milestone Could Mark Beginning of End for Passwords

Matthew Valencia
 Share
Posted

https://www.technewsworld.com/story/Standards-Milestone-Could-Mark-Beginning-of-End-for-Passwords-85268.html  

 

A Web standards milestone announced Tuesday could point to the end of the road for pesky passwords.

The new standard, WebAuthn, has won near-final approval from the World Wide Web Consortium, which establishes Web standards.

WebAuthn defines a standard Application Program Interface that can be incorporated into browsers and Web infrastructure. It opens the door for new ways for users to authenticate themselves on the Internet that are more secure and convenient than passwords.

"Security on the Web has long been a problem which has interfered with the many positive contributions the Web makes to society," said W3C CEO Jeff Jaffe.

"While there are many Web security problems and we can't fix them all, relying on passwords is one of the weakest links," he continued. "With WebAuthn's multifactor solutions, we are eliminating this weak link."

 

 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

This will also make it easier for them to track you and know exactly who and where you are :) but at this point that won't make any difference anyway.

NEW PC build: Blank Heaven   minimalist white and black PC     Old S340 build log "White Heaven"        The "LIGHTCANON" flashlight build log        Project AntiRoll (prototype)        Custom speaker project

Spoiler

Ryzen 3950X | AMD Vega Frontier Edition | ASUS X570 Pro WS | Corsair Vengeance LPX 64GB | NZXT H500 | Seasonic Prime Fanless TX-700 | Custom loop | Coolermaster SK630 White | Logitech MX Master 2S | Samsung 980 Pro 1TB + 970 Pro 512GB | Samsung 58" 4k TV | Scarlett 2i4 | 2x AT2020

 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

For those wondering how you would log in without a password:

Quote

FIDO's aim is that its specifications will support a full range of authentication technologies, including biometrics such as fingerprint and iris scanners, voice and facial recognition, as well as existing solutions and communications standards, such as Trusted Platform Modules (TPM), USB security tokens, embedded Secure Elements (eSE), smart cards, and near field communication (NFC).[4] The USB security token device may be used to authenticate using a simple password (e.g. four-digit PIN) or by pressing a button.[5] The specifications emphasize a device-centric model.[4] Authentication over the wire happens using public-key cryptography.[4] The user's device registers the user to a server by registering a public key.[4] To authenticate the user, the device signs a challenge from the server using the private key that it holds.[4] The keys on the device are unlocked by a local user gesture such as a biometric or pressing a button.[4]

https://en.wikipedia.org/wiki/FIDO_Alliance


Devices such as mobile phones and modern laptops that have built in fingerprint scanners, facial recognition capable cameras, microphones, and NFC chips could easily adopt this new standard, however users of desktop PCs which lack many of these features may still be struggling to remember "correcthorsebatterystaple" for a little while longer.

 

 

CPU: Intel i7 6700k  | Motherboard: Gigabyte Z170x Gaming 5 | RAM: 2x16GB 3000MHz Corsair Vengeance LPX | GPU: Gigabyte Aorus GTX 1080ti | PSU: Corsair RM750x (2018) | Case: BeQuiet SilentBase 800 | Cooler: Arctic Freezer 34 eSports | SSD: Samsung 970 Evo 500GB + Samsung 840 500GB + Crucial MX500 2TB | Monitor: Acer Predator XB271HU + Samsung BX2450

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
Quote

The specifications emphasize a device-centric model.

Oh. So this is basically no different than just using icloud keychain and a good password. That's kinda dumb; I was expecting something actually cool.

Current LTT F@H Rank: 90    Score: 2,503,680,659    Stats

Yes, I have 9 monitors.

My main PC (Hybrid Windows 10/Arch Linux):

OS: Arch Linux w/ XFCE DE (VFIO-Patched Kernel) as host OS, windows 10 as guest

CPU: Ryzen 9 3900X w/PBO on (6c 12t for host, 6c 12t for guest)

Cooler: Noctua NH-D15

Mobo: Asus X470-F Gaming

RAM: 32GB G-Skill Ripjaws V @ 3200MHz (12GB for host, 20GB for guest)

GPU: Guest: EVGA RTX 3070 FTW3 ULTRA Host: 2x Radeon HD 8470

PSU: EVGA G2 650W

SSDs: Guest: Samsung 850 evo 120 GB, Samsung 860 evo 1TB Host: Samsung 970 evo 500GB NVME

HDD: Guest: WD Caviar Blue 1 TB

Case: Fractal Design Define R5 Black w/ Tempered Glass Side Panel Upgrade

Other: White LED strip to illuminate the interior. Extra fractal intake fan for positive pressure.

 

unRAID server (Plex, Windows 10 VM, NAS, Duplicati, game servers):

OS: unRAID 6.11.2

CPU: Ryzen R7 2700x @ Stock

Cooler: Noctua NH-U9S

Mobo: Asus Prime X470-Pro

RAM: 16GB G-Skill Ripjaws V + 16GB Hyperx Fury Black @ stock

GPU: EVGA GTX 1080 FTW2

PSU: EVGA G3 850W

SSD: Samsung 970 evo NVME 250GB, Samsung 860 evo SATA 1TB 

HDDs: 4x HGST Dekstar NAS 4TB @ 7200RPM (3 data, 1 parity)

Case: Sillverstone GD08B

Other: Added 3x Noctua NF-F12 intake, 2x Noctua NF-A8 exhaust, Inatek 5 port USB 3.0 expansion card with usb 3.0 front panel header

Details: 12GB ram, GTX 1080, USB card passed through to windows 10 VM. VM's OS drive is the SATA SSD. Rest of resources are for Plex, Duplicati, Spaghettidetective, Nextcloud, and game servers.

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

Wasn't this posted before? 

or is this something else?

Don't ask to ask, just ask... please 🤨

sudo chmod -R 000 /*

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
  • Author

I think it's the same... Just joined here like an hour ago I have no idea .-.

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
  • Author
6 minutes ago, Sauron said:

Wasn't this posted before? 

or is this something else?

yeah it's the same my bad

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
13 minutes ago, Enderman said:

This will also make it easier for them to track you and know exactly who and where you are :) but at this point that won't make any difference anyway.

Don't be so paranoid. It's not as if the FBI and NSA are going to demand a backdoor be put in to allow them access...

 

Spoiler

image.png.40ea8099c0e07937f1667893222c2921.png


And yeah looks like a duplicate thread. inb4 lock

CPU: Intel i7 6700k  | Motherboard: Gigabyte Z170x Gaming 5 | RAM: 2x16GB 3000MHz Corsair Vengeance LPX | GPU: Gigabyte Aorus GTX 1080ti | PSU: Corsair RM750x (2018) | Case: BeQuiet SilentBase 800 | Cooler: Arctic Freezer 34 eSports | SSD: Samsung 970 Evo 500GB + Samsung 840 500GB + Crucial MX500 2TB | Monitor: Acer Predator XB271HU + Samsung BX2450

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
4 minutes ago, Matthew Valencia said:

I think it's the same... Just joined here like an hour ago I have no idea .-.

 

1 minute ago, Matthew Valencia said:

yeah it's the same my bad

No problem, remember to check next time

Don't ask to ask, just ask... please 🤨

sudo chmod -R 000 /*

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
16 minutes ago, Spotty said:

For those wondering how you would log in without a password:


Devices such as mobile phones and modern laptops that have built in fingerprint scanners, facial recognition capable cameras, microphones, and NFC chips could easily adopt this new standard, however users of desktop PCs which lack many of these features may still be struggling to remember "correcthorsebatterystaple" for a little while longer.

 

 

you use that password too? :/

Grammar and spelling is not indicative of intelligence/knowledge.  Not having the same opinion does not always mean lack of understanding.  

Link to comment
Share on other sites
Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing Tech News

×