It always seems that whether a company uses encryptions, hash functions or other security measures, hackers find a way to break through. In October, Adobe’s security breach compromised more than 38 million user IDs and passwords. In April, LivingSocial’s database was hacked and compromised the personal data of more than 50 million users. And just this month, more than two million passwords were stolen from sites such as Facebook, Google, LinkedIn, Twitter and Yahoo. Also, Target faced a security breach that affected approximately 40 million accounts, the fallout of which remains to be fully understood.
Over time, online security methods have improved and companies continue to urge users to create more secure passwords, but is that enough?
One organization, the Fast Identity Online Alliance (FIDO), is working toward changing the nature of online authentication and reducing the reliance on passwords to authenticate users. The core ideas driving FIDO are ease of use, privacy, security and standardization.
“Consumers are struggling to maintain control of their online identities,” said Michael Barrett, president of the FIDO Alliance, which was formed in July 2012. “They can’t remember the passwords they have, and so they can’t get into their own accounts when they need to.”
The problem, Barrett explained, is that when a user’s password and information is compromised during a security breach, the user may change his or her password, but everywhere else that user applied that old password is now in a compromised position.
One way the company is striving to create easier and stronger user authentication methods is by working with alliance members to create products considered “FIDO Ready.” Although these products haven’t come to market yet, the group recently announced they will be demonstrated at the 2014 International Consumers Electronics Show (CES) in Las Vegas on Jan. 7-10.
“In less than a year, FIDO Alliance specifications have enabled several of our members to produce some remarkable innovative authentication products,” Barrett said. “Participants at CES will benefit from hands-on experience of how open FIDO standards will work to enable truly novel strong authentication technologies. With FIDO specifications, users have a choice of devices and solutions that interoperate and make authentication easier to use, more secure and private.”