Search giant Google is set to kill off passwords and is experimenting with USB keys, mobile phones and even jewellery that can act as a physical ‘key’ to give users access to their account.
The firm’s security experts including an Indian are set to publish their findings next month, the Daily Mail reported.
In the upcoming issue of IEEE Security & Privacy Magazine, Google Vice President of Security Eric Grosse and engineer Mayank Upadhyay will detail what is basically a physical key with a ‘smart chip’ embedded inside it.
“Along with many in the industry, we feel passwords and simple bearer tokens such as cookies are no longer sufficient to keep users safe,” the pair writes in their paper, according to Wired.
To log, users simply place the tiny Universal Serial Bus (USB) drive into their computer.
The firm is also believed to be experimenting with wireless chips that are already built into some mobile phones, and can even be built in jewellery.
“We’d like your smartphone or smartcard-embedded finger ring to authorise a new computer via a tap on the computer, even in situations in which your phone might be without cellular connectivity,” the team writes.
“One option uses a tiny USB key called a YubiKey. When the user plugs the key into a latop, they are automatically logged into all of their Google accounts — without ever having to type in a password,” they explain.
“Another option uses a smartcard-embedded finger ring to authorise a new computer via a tap on the computer,” they said.
The firm is also believed to be addressing the obvious problem with the system users losing their ‘key’ and is thought to be developing a simple system to replace them.
However, the pair admits that they will have to rely on websites to support the scheme.
“Others have tried similar approaches but achieved little success in the consumer world,” they write.
“Although we recognise that our initiative will likewise remain speculative until we’ve proven large scale acceptance, we’re eager to test it with other websites,” they say.