Public, private sectors seeking ways to replace passwords

DARPA, FIDO Alliance take different approaches to finding authentication alternatives
Tools

Pretty much everyone hates passwords, and yet they persist as the main method for authenticating computer and network users. That may change before long, though, with the launch this week of two projects looking for alternatives, reports Brian Donohue at ThreatPost.

The first group looking to do away with passwords is the Fast Identity Online Alliance, which is made up of PayPal, Lenovo, Nok Nok Labs, Agnito and Validity.

The FIDO Alliance wants to come up with an open protocol for interoperable authentication technologies. Various authentication solutions would work in a unified infrastructure, along with solutions like USB tokens or one-time passwords.

The second project consists of phase two of the Active Authentication program underway at the Pentagon's Defense Advanced Research Project Agency. In the first phase, the program worked on tools to protect desktop computers. Now, the agency wants to develop behavioral biometrics solutions.

Such biometrics take into account the ways in which users interact with the environment while working on the computer. A biometric platform that brings together the biometrics into one device and conducts the actual authentication also would have to be developed.

For more:
- see Brian Donohue's article at ThreatPost

Related Articles:
Why users choose the obvious for computer passwords
Computer passwords never were very secure
Survey: IT pros guilty of password shortcuts