Amid a growing consensus that passwords are not adequately secure, the group of tech companies working to supplant them with something stronger has gained a significant new ally. The FIDO Alliance said today that Google, which has shown a strong interest lately in making user authentication more secure, has joined its board of directors.
FIDO is developing alternative methods to verify a user's identity when they try to log into websites and services, with a spaghetti-against-the-wall approach that includes biometrics, voice and facial recognition, USB security tokens, NFC, and one-time passwords. The goal is to create a standards-based specification for password alternatives that work with internet services and with one another.
Goodbye password, hello authentication ring
Google joins original members Lenovo, PayPal, Nok Nok Labs, and Validity on the board. Semiconductor company NXP and input device maker CrucialTec also joined the board today.
"Joining the FIDO Alliance is a great way to increase industry momentum around open standards for strong authentication," said Sam Srinivas, who leads information security efforts for Google, in a statement. "We look forward to continuing our current development work on strong, universal second-factor tokens as part of a new FIDO Alliance working group."
In January, Google security researchers published a paper outlining new ways to authenticate users. Among them: a USB token that plugs into the user's computer and communicates its identity via a website, giving the user access to their accounts without having to supply a password. Eventually, Google argued, the authentication technology could fit in a ring on your finger.
FIDO, which formed in July 2012, will hold its next meeting with members from May 14th to 16th in San Francisco.