Amid a growing consensus that passwords are not adequately secure, the group of tech companies working to supplant them with something stronger has gained a significant new ally. The FIDO Alliance said today that Google, which has shown a strong interest lately in making user authentication more secure, has joined its board of directors.
FIDO is developing alternative methods to verify a user's identity when they try to log into websites and services, with a spaghetti-against-the-wall approach that includes biometrics, voice and facial recognition, USB security tokens, NFC, and one-time passwords. The goal is to create a standards-based specification for password alternatives that work with internet services and with one another.
Goodbye password, hello authentication ring
"Joining the FIDO Alliance is a great way to increase industry momentum around open standards for strong authentication," said Sam Srinivas, who leads information security efforts for Google, in a statement. "We look forward to continuing our current development work on strong, universal second-factor tokens as part of a new FIDO Alliance working group."
In January, Google security researchers published a paper outlining new ways to authenticate users. Among them: a USB token that plugs into the user's computer and communicates its identity via a website, giving the user access to their accounts without having to supply a password. Eventually, Google argued, the authentication technology could fit in a ring on your finger.
FIDO, which formed in July 2012, will hold its next meeting with members from May 14th to 16th in San Francisco.