DARPA Wants To Kill the Password
jfruh writes: Many security experts agree that our current authentication system, in which end users are forced to remember (or, more often, write down) a dizzying array of passwords, is broken. DARPA, the U.S. Defense Department research arm that developed the Internet, is trying to work past the problem by eliminating passwords altogether, replacing them with biometric and other cues, using off-the-shelf technology available today.
Kill and eliminate passwords? Violence is not the answer.
You can change a password, you can't change your retina print. What do you do when your account is compromised? Get new eyes?
Ultimately whatever password replacement you come up with gets turned into TCP/IP packets over the intertubes. Whether you are measuring my height, fingerprint, penis size or whatever metric you come up with, it gets turned into 0's and 1's that I can grab and duplicate. It is still information on a remote server that can be hacked and used by third parties.
And worse... once hacked, I can't do much to change my biometrics... so I'm totally screwed once the host server is hacked and a million biometric accounts are compromised.
...when the NSA wants to tap into various accounts, they can track exactly who they belong to and who accesses them because it will be linked to your personally identifiable biometrics
"hacking your password" becomes "hacking off your fingers."
Please choose biometrics that aren't part of my extremities.
I can change my password anytime if I think somebody copied it. I cannot change my fingerprint or retina. There is no way I'm giving random webshops or google my biometric data.
"DARPA, the U.S. Defense Department research arm that developed the Internet." I thought that I alone developed the internet.
Hacker will take on a new meaning as they take the biometrics needed from someone.
I'm ready to switch passwords for anything else as long as:
1 - It can't be extracted from me by an easier method than torture or blackmail.
2 - It stops working forever if I'm dead.
Otherwise, some blood will have to wash away the naivete. Again.
They're going to make a signature of your mind, since there is nothing else that couldn't be cut or duplicated.
In the 80s we didn't even bother with passwords, okay maybe by the late 80s. And every machine on the network had an IP that was directly on teh internets. As for this article, it's yet another example of how stupid people, even the intelligent, are when it comes to passwords. Who the fsck writes down a dizzying array of passwords? I know about 5 passwords off by heart at any given time, and use a password manager and an encrypted database to hold all of my passwords. Of course, without 2-factor auth those lists of passwords are seriously dangerous and that, dear humans, is where the danger lies. If anyone manages to crack my password manager or my encrypted database, I'm fscked. Okay, let's hear what the folks have to say about this age old problem.
We've been using them for 30 plus years for ATM machines and they're easy to carry around. And nobody will be kidnapped to make them work.
Passwords don't need to be killed. If you're thinking about replacing it with biometrics, I think that's thinking about the problem the wrong way too. The fact is, we already have all the technology we need to solve this problem much better than we do today. It's simple: instead of passwords, you should have a password protected private key, with a single password, and then use public keys for authentication. That way, you only need to know one password, and you've also eliminated a lot of the danger of snooping on connections because the private key isn't being sent.
Of course, it would require that everyone pretty much agree on one set of standards for how it's supposed to be implemented, and then developers have to build their products with those standards. Then you probably also want some trustworthy and inexpensive/free Certificate Authorities. Ideally you'd want to be able, though not required, to use the same private key for everything-- email encryption, ssh logins, maybe even credit card purchases-- so you'd need mechanisms for managing your keys, keeping them safe but also making them available when needed. Throw in some dual-factor authentication where you want a high level of security, and you've basically solved the issue.
As many, many others have before, because this problem is not really solvable without AU that can recognize a person? Well, it is a waste of taxpayer money, and fail they will. Biometrics is basically unusable unless you have a security guard monitor the taking of the measurement.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
You can kill the password in favor of strong security tokens but if the underlying code is poorly written and full of security holes, then it won't be any more secure than what we have now. If you can steal a few retinal images through an exploit, you could, in theory, make a model with the retinal pattern.
Now that's something innovative DARPA could do: I don't want biometrics, but perhaps someone else might like it, as they don't care much for computers, and would have used a 12345qwert-like password.
Come on, most of these authentication methods are inferior, I just don't have the abilities I have with passwords: evil people have to beat me with a stick until they know my password instead of just having to cut off my finger, I can change it whenever I want, a password doesn't identify me (I can stay anon), I can give it to someone else, and when I am eating (drinking, got my finger cut off because someone wanted to break into another computer of mine) something I can enter the password with my other hand, without changing the way my hand tremors.
There's no way I can see this happening, if only because no one would be willing to settle on a single standard for biometric verification. For instance, I can imagine that some places will want a simple fingerprint.. but others will demand that the fingerprint scanner used by the user to submit their prints detect warmth so that they can be sure that there's no artificial prints, dead bodies, or severed extremities being used to bypass the scan.
Other places will want retinal scans (One eye? Both eyes? Proof of life verification?), voiceprints, voiceprints backed by facial recognition, or any number of other things. In the end, it would lead to the end-user being forced to buy lots of expensive hardware, some of which they may never wind up using. The other thing they don't consider - what about mobile devices that don't have multiple USB ports, or can't support the drivers for biometric scanners?
Passwords can work, but human-readable ones do not. What we need are more secure passwords that aren't human-readable, not Minority Report.
Not as hard to implement as some of the pipe dreams out there. Of course, it does require a degree of tech savvy on the part of users - and more importantly, enforcing its use, to avoid laziness bypassing.
Then your challenge becomes certificate transport - you'll need a way to carry around your cert, or somehow get hold of it when you need it, which is easier said than done. The real advantage of passwords is their portability. Biometrics have a similar advantage, but as already noted - are a bit harder to revoke/change.
Any biometric password should be based on a certificate, not a direct digital representation of the biometric.
Is it just my observation, or are there way too many stupid people in the world?
How about a standard protocol around devices like Yubikey hardware tokens for integration in the browser (or use with other applications):
https://air.mozilla.org/fido-u...
Google and Microsoft are already involved, Mozilla is looking into it.
New things are always on the horizon
And he causes all, the small and the great, and the rich and the poor, and the free men and the slaves, to be given a mark on their right hand or on their forehead, and he provides that no one will be able to buy or to sell, except the one who has the mark, either the name of the beast or the number of his name. Rev 13:17
Don't people just click on the 'Forgot Password' button every time their browser forgets their password?
So whereas biometrics might replace a traditional "password" - we need more systems which aren't vulnerable to the type of 1.8-billion-password-stealing-Russian-problems we see all over the place. I have been a big fan of much of the two-factor stuff, and some of the hashing schemes out there. It will be interesting to see what kind of other solutions could exist - though I don't think anything "static" like biometrics gets us anywhere.
The biometric information can be secured using hashed and salted databases.... unfortunately that's the exact same thing which companies are already not using giving us compromised passwords. The one nice attribute of bioinformatics which can somewhat protect information is that the information gathered from sensors is statistical in nature so simply copying the raw bytes will be easy to detect but it also wouldn't be hard to manipulate the information so it looks unique.
If instead of switching from one factor to another they promoted multi-factor authentication, they'd relax constraints on each factor (ie. passwords easier to remember, biometrics cheap to implement).
I know this doesn't apply to all of you, but our company wants us to change passwords every three months.
I know this is pointless, but hopefully, after I complain enough times in various places, this stupid rule can be removed.
I suppose that having to remember multiple passwords could be quite a burden for some.
An identity chip implant would fix that.
Personally, I'd take a little ginseng and work on sharpening my memory instead.
Using biometrics as an authentication factor (with or without passwords or token generators) brings me to:
[1] Can the biometric be consistent across different vendors or models of readers - or will people be locked-in to individual vendors (or worse, models) of readers?
[2] Is the interface between the biometric reader and the computer secure?
[3] How stable are biometrics over time - both long term and short term?
[4] What happens when the same biometric is used in different security contexts - from banking to dating sites?
I doubt that these are new questions, but other than the stability of biometrics over time, I don't recall seeing them asked before.
What happens if you get sick or injured? Can you imagine pink eye with retinal scanners?
Yes, this is the serious problem-- just as serious as the problem of people fooling the password-alternative is the problem of the false negatives: getting locked out.
Notice that most of these weren't fingerprint scanners or retinal scanners-- they were stuff like gait monitors, or even more bizarre stuff, like listening to your heartbeat. So, if you twist your ankle--or even buy a new pair of shoes-- you're out of luck. Taking pseudoephedrine for a cold? Ooops, your heartrate is different. You're locked out.
--instead of using these instead of passwords, however, what about if you use an alternate ID as a second check? It doesn't lock you out, but it does trigger a watchdog alert that pays attention to what you're doing.
You can change a password, you can't change your retina print. What do you do when your account is compromised? Get new eyes?
Yes, we've all seen dozens of those science fiction stories where they steal people's eyes, or cut off their fingers, or take swabs of their DNA.
Because they can't locate exactly where in your brain that testy password is stored so they could remove it, they will be very excited with your fingerprint, drop of blood, or eyeball.. thank you very much.
Pam: Oh, OK, then good luck with all the biometric scanners. Unless you wanna cut off my fingers and scoop out my retinas.
Kidnappers look at each other.
Pam: Oh, don't be dicks!
"Stick your hands up, and hand over your eye".
And just before someone brings up the usual "but the scanner won't accept a dead eye"... That line of thinking is a sign of a coldblooded bureaucrat (or BOFH) who cares only about the system. When your eye is refused by the scanner, I'm going to think you tricked me into cutting out the wrong eye. Guess what, now you're losing the other eye also.
An important safety aspect of a password is that it can safely be handed over to the guy with the gun. Then you can change the password once you're safe.
Now instead of using a $5 hammer to coerce the password out of me, the bad guys will use a $5 saw to cut off my fingerprint.
Passwords don't simply show your identity. Making the choice to enter them also shows your permission. Sure they can be snooped, but they can't be easily extracted against your will. All biometric based keys are available with a warrant. The password is the only one that I know of that I have any chance of hiding. By carefully employing different passwords for every site with the aid of KeePass or a similar tool and changing them all periodically (would be nice if KeePass automated this) and guarding KeePass with the strongest encryption, a very strong password, and another key, I've got a better chance of controlling access to my data (which I consider little different from my mind) than with any other approach I've heard of.
Because accidents happen. No matter how improbable... no matter what kind of artificial barriers we might try and design to prevent them, over time even the unthinkable can and often will happen.
And when it does, some kind of mitigatory system needs to be in place, or else once the system has been compromised, nobody will ever want to use it again. In the case of biometrics, if a database of people's biometric "passwords" has been compromised, potentially allowing somebody to access whatever that database might be linked to, that mitigatory system is going to end up being the password until a different biometric system can be put in place.
Biometrics can make sense as an alternative to passwords in some contexts... such as on an internal and private network, where certain people who work there need regular access to particular information, while they do not want just anyone using the computers, and biometrics can be measured by a computer much more quickly than a password can be entered, so it serves as a convenient shortcut. They don't, however, make sense as a general replacement for passwords. Honestly, I can't help but feel that the people who keep suggesting this are terminally lazy and don't want to have to remember passwords in the first place.
As long as the new method is not based on biometrics
At work I have so many passwords with different requirements and different reset schedules that I had to turn to the low-tech approach of writing every one down on a post-it note and hiding it under my calculator on my desk. I do take my laptop home every evening.
Interestingly enough, email is the only program we no longer have to sign in to each time, and it also does not time out after inactivity like every other program. That is the place where most sensitive business information would be located. All they would need to do is crack my windows password (while also knowing my login name).
I wish I could log in to windows and do one authentication to unlock every other program I use routinely.
If DARPA doesn't like passwords, they shouldn't use them. But that shouldn't have any bearing on us puny civilians.
Remember kids, if you're not paying for the service, YOU ARE THE PRODUCT THAT IS BEING SOLD.
And I wouldn't give biometric data to any (large) corporations anyway. Their profit motivation means that at least once per year someone in every corporation is going to suggest selling that data to a 3rd party.
Biometrics is a great idea to ensure that people are in direct proximity of the device, but what about all the remote control I do?
The last thing we need is for our biometric information to be in the hands of every web site which requires a login.
It will kill anonymity, because you will be universally identified.
Sorry, DARPA, but we trust neither you nor private corporations with this kind of stuff.
Biometrics are the login, the identification of a person or account, but not the secure part to protect your information from unwanted access.
You can provide a robber a PIN to your house or ATM that silently triggers a security alarm.
With biometrics people will start losing fingers and other body parts - not a good idea.
Every single site has a different way of giving you a way to change your password. This makes it impossible to write programs to change your password... like a password manager, for instance. Imagine if you could just type your new password into your password manager program, and it changes all the passwords it manages with one click. They could all be randomly generated and different for every site. Hints, recovery, email addresses could all be updated with one click. With a history of the previous versions in case something went south.
Instead of struggling with writing all the captchas, and strength meters, and interfaces, and all the CRAP that every site on the planet does differently, just standardize the interface and maintenance of passwords. And then standardize the strength of the generator programs. And voila, permanent security that is controlled where it should be: in your hands.
I would feel better about the call to stop using them if it wasn't a government organization suggesting it.
The right answer looks a lot more like this:
http://www.yubico.com/products/yubikey-hardware/yubikey/
Biometrics are a terrible idea; a crypto key (that authenticates by asymmetrically signing a server-generated nonce) that you authenticate to with one password is much better.
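The nonce-signing scheme this comment describes (and the earlier post about a password-protected private key used for public-key authentication), written out as an added Go example that is not from the thread, from DARPA, or from any named project: the server stores only public keys, issues a random single-use nonce, and checks an Ed25519 signature over a transcript that binds server name, username and nonce. The server name, the transcript format and the 32-byte nonce size are assumptions of this example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"errors"
)

// Challenge is the server's half of the exchange: a fresh random nonce tied to
// the username it was issued for. Only the nonce crosses the wire from the server.
type Challenge struct {
	Username string
	Nonce    []byte
}

// Server stores each user's public key plus the nonces it has issued and not
// yet seen answered. No password hash, no biometric template: nothing here
// lets whoever dumps the table log in as the user.
type Server struct {
	Name    string
	pubKeys map[string]ed25519.PublicKey
	pending map[string]Challenge // keyed by hex(nonce)
}

func NewServer(name string) *Server {
	return &Server{Name: name, pubKeys: map[string]ed25519.PublicKey{}, pending: map[string]Challenge{}}
}

func (s *Server) Register(user string, pub ed25519.PublicKey) { s.pubKeys[user] = pub }

// Challenge issues a single-use 256-bit nonce (assumed size) for one login attempt.
func (s *Server) Challenge(user string) (Challenge, error) {
	if _, ok := s.pubKeys[user]; !ok {
		return Challenge{}, errors.New("unknown user")
	}
	nonce := make([]byte, 32)
	if _, err := rand.Read(nonce); err != nil {
		return Challenge{}, err
	}
	c := Challenge{Username: user, Nonce: nonce}
	s.pending[hex.EncodeToString(nonce)] = c
	return c, nil
}

// transcript is the message actually signed: server name, username and nonce
// together, so a response captured for one site is useless against another.
func transcript(serverName, user string, nonce []byte) []byte {
	h := sha256.New()
	h.Write([]byte("login-v1\x00" + serverName + "\x00" + user + "\x00"))
	h.Write(nonce)
	return h.Sum(nil)
}

// Verify consumes the nonce (so a replayed response fails on the second try)
// and checks the signature against the registered public key.
func (s *Server) Verify(user string, nonce, sig []byte) error {
	key := hex.EncodeToString(nonce)
	c, ok := s.pending[key]
	if !ok {
		return errors.New("unknown or already-used nonce")
	}
	delete(s.pending, key)
	if c.Username != user {
		return errors.New("nonce was issued to a different user")
	}
	if !ed25519.Verify(s.pubKeys[user], transcript(s.Name, user, nonce), sig) {
		return errors.New("bad signature")
	}
	return nil
}

// Client holds the private key, the one thing the user protects with their
// single password (encryption of the key at rest is omitted here). Respond
// signs the transcript; the key itself is never transmitted, so there is
// nothing on the connection worth snooping.
type Client struct {
	Username string
	priv     ed25519.PrivateKey
}

func NewClient(user string) (*Client, ed25519.PublicKey, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	return &Client{Username: user, priv: priv}, pub, nil
}

func (c *Client) Respond(serverName string, ch Challenge) []byte {
	return ed25519.Sign(c.priv, transcript(serverName, c.Username, ch.Nonce))
}

// Login runs one complete challenge-response exchange; nil means authenticated.
func Login(s *Server, c *Client) error {
	ch, err := s.Challenge(c.Username)
	if err != nil {
		return err
	}
	return s.Verify(c.Username, ch.Nonce, c.Respond(s.Name, ch))
}
```

A deployment would additionally expire pending nonces after a short window and keep the client key encrypted under the user's password, which is the single secret this design asks the user to remember.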
DARPA: send beer
nntp://news.grc.com/grc.sqrl/
TFA actually speaks of seven ways passwords may be avoided, with biometrics being but one of them. All seven build on extracting unique identifiers from physique or behaviour. All seven are wrong because of one simple reason: if someone mimics whatever chosen identifier well enough (either by hacks or by actually mimicking me), how can I change my 'password'? I can't. Trashcan.
In the 80s we didn't even bother with passwords, okay maybe by the late 80s.
Err no! You are thinking of early PCs and their single-tasking equivalents. Passwords to access multitasking computing systems have been around from at least the 1960s. The Unix OS was designed and enhanced with user names and appropriate passwords going back to at least the early 1970s.
Actually even today a good password is quite hard to break even with so-called "man in the middle" attacks, providing you are using something like ssh and possibly one-time passwords (I used this type of access back in the mid 1990s) to access machines.
In many ways, as long as you have a good remembered password to access your PC you should only have to worry about your PC being compromised by viruses, Trojans and social engineering attacks. As long as you are aware and know how to recover from an attack (most people don't) then you are pretty safe from malware. Even if you are compromised then you should have some idea of who to contact, such as banks, web sites etc., to report and hopefully resolve the issue.
Sure, even today some people have easy passwords like 'password' and '12345678' but the largest problem is the companies that store those passwords having holes in their systems. Fix the holes. Make companies financially responsible for any damage done when passwords are stolen from their systems. Someone exploits a hole in HotMail and accesses my account and sends fraudulent emails, Microsoft should have to pay me for that damage. THEN this shit will get fixed.
Why wouldn't the government want to move from an authentication system that is impossible to crack (the key is only in your mind) to a tangible system that is subject to court orders and external verification? A court can order you to reveal your password, but there's no way for them to know for certain that you haven't misremembered them, forgotten them, or just plain lied. With a tangible system they can verify, which is what they're really after.
Keep in mind that the court has ruled that what you are is not protected by your 5th amendment rights. That is, you cannot (legally) be forced to turn over your passwords, but because your fingerprints and retinal scans are part of who you are (like DNA) you can be forced to provide them. So from a legal perspective, passwords are much safer than biometric data.
With biometrics alone there are no secrets.
Banks seem to have figured this out and for new computers/locations you have to go through additional verifications, but once a new computer location is verified then you can just login with username and password. Some services will actually prevent login from places that the user doesn't usually login from even if the attacker has username and password.
But basing authentication solely on biometrics, or even partially, is like basing authentication on a password you tattoo on your face. Fingerprints... you could never touch anything again. Facial... you would have to wear a veil. Retinal... same thing, can't appear in public because high resolution cameras can capture the retina. Etc etc. Biometrics are a terrible way to do authentication, especially as technology improves, unless you are talking about an actual guard at the front desk or a gate looking at your face to compare with what is in the database. Otherwise you are just talking about fooling an algorithm and some equipment with an algorithm and some equipment, because with biometrics there are no secrets.
If anything biometrics could be simply easier and better than remembering a username. So, you would just need a password.
The DARPA verification method would have to use multiple biometric markers since you could always think of a situation where a medical condition renders one or more of them useless. The person with eye problems who can't use retina scan, the person with damaged fingertips who can't use fingerprint, the person with throat or respiratory disease who can't use voice recognition, etc.
It would be much simpler to have a universal two factor token. Something that you enter a PIN into which generates an encrypted token that is then used for login. It would also solve the social security number identity theft problem since you have a unique way of verifying identity.
DARPA really wants a world where YOU have to prove YOU are YOU. The elite won't have to. This way they can track you in a legal chain of custody and any and all "wrong doing" is recorded. Passwords and usernames leave room for doubt...
There are only three ways to authenticate someone no matter what the context:
1) Something you know
2) Something you have
3) Something you are
Any security system is made up of some combination of the above.
Biometric identification is needed to reduce fraud. We all know how easy it is for one person to vote as many times as they want. There is no way to even estimate how much Medicaid recipient fraud costs. Biometrics certainly won't eliminate fraud in these and other places but it's a step in the right direction.
Unfortunately we're very unlikely to see any progress on this anytime soon. Even suggesting that a person should present identification when voting is met with howls of protest.
I have several accounts that are not tied to me but to my employment. Several people access these accounts using the one password. Do biometric systems allow for registering multiple people to one account?
Give people keys. Physical keys. One for the machine, one for the network, and whatever else you need to grant access to.
We still trust keys for houses, cars, lockers, handcuffs, and a host of other things. Why not add keyholes to our information systems?
So, if we kill the password, the foundation on which we have security built now, what does administration look like after that? If we use biometrics, do we turn that over to security, so they can verify your identity? If your fingerprint/retina pattern isn't working, does that mean it's almost always faulty hardware?
It's got to be well thought out to replace something that's just about as intrinsic as the on/off button.
As many have pointed out, it is not trivial to change your DNA, Retina, or Fingerprints. What they ignore is that you don't send the DNA, Retina, or Fingerprints to the website database.
One way to replace passwords effectively would be by utilizing a blockchain-based technology such as Ethereum or Bitcoin.
Imagine going to your email account, and instead of a login screen, you get a QR code or a login button. This QR Code and login button are simply a public key generated from a private key that is hashed to your particular browser-instance. When you scan the QR code with your smartphone, or push the login button, a blockchain app (similar to the bitcoin wallets in use today) on your phone or computer requests confirmation and sends a token to the email website. When the email website sees the "transaction" from your "wallet" to the wallet generated by the login request, it is able to confirm the username the origin wallet belongs to, confirm the "transaction" is legitimate, and grants access.
Should your "wallet" (which in this system would be designed to be worthless, like dogecoin) be compromised, you can replace it much easier than replacing your retinas :-p
Wouldn't just about any biometric allow identical twins full access to each other's stuff?
Passwords would be fine, if we were allowed to use easily remembered pass phrases. Instead we're still often forced to use short passwords (8-12 characters) that consist of upper case + lower case + digit + non-alphanumeric characters. Even though it's pretty well established that pass phrases are, overall, a better way.
The problem is already solved, it just needs to be more widely implemented. Secondary authentication by phone (i.e. receiving an SMS) ensures that no one can get into my Gmail account if they happen to have my password. If my phone gets stolen, I'm going to know to take action quite soon, and they still have to get past the lock screen (though this does raise a good argument for making sure calls/SMS are not answerable/readable without unlocking the device). Regardless, it would solve 99.99% of the problem.
Another idea I could see catching on is some kind of token ring, like a mix of an NFC ring and those RSA SecurIDs that spit out a random 6-digit code every minute to authenticate, but instead of the user having to type in the code, they just tap their phone/palmrest/screen with the ring. Assuming the rings are available in a few varieties for less than $10, I think most people would opt to use one if it meant avoiding annoying secondary security questions and having to keep a list of impossible-to-remember passwords (which they still have to change because sites get compromised). It avoids biometric requirements and has the possibility for anonymity (buy a ring at the supermarket, link it to any email account).
A court can only get your password if you give it to them, but they can hold you down and take your fingerprint. If they don't have it already.
Biometrics? That's exactly what I want, a credential that if stolen I can't possibly change and that current uneducated/unimaginative foolishness suggests is "infallible". Fingerprints were once thought perfect but after decades of work most commercial fingerprint systems can still be faked quite easily. It is safe to say that any biometric security measure (facial, palm print, DNA, etc) that becomes prevalent will have a hack within a few years of becoming prevalent.
The good part is that they are concerned about passwords. The bad news is that they do not come up with a good alternative.
There are two issues with passwords. The first is that we are looking for a technical solution to what is essentially a social problem. Security in itself is already a social problem. How many people will give up their password to the IT guy or their boss without any question? To their SO, kids or parents?
The second issue is that we have way too many passwords to remember and there is no single solution. (1) IT people are only looking at how THEIR system is secured and look at it from an, again, technical and not a social point of view. They do not count in the weakest point: humans.
And as long as you do not calculate those in, it won't be solved. So instead of saying 'We want to replace it with ...' they should have said 'We want to replace it'. That way you are open for a REAL solution.
(1) If you have a solution, please let me know. It must be one that I can use at home (Linux), at work (Windows, but I am not allowed to install anything and have no Internet access and am not allowed to use any cellphone or other device), on my phone, on PCs that are not mine, on my ATM machine.
When logging in site sends query to NSA for authentication question based on records stored in Utah, for example:
I usually take three bathroom breaks a day, except Fridays: TRUE/FALSE?
Widespread use of biometric authentication is, in practice, the same as mandatory password escrow. "Set your password to something we already have, citizen".
Dumbasses. How many pictures of eyes are on the web? That's a lot of passwords.
a finger ring (or better yet an implant) with a unique RFID chip in it.
If the chip is not in close proximity to the computer keyboard, the computer immediately lockscreens.
An API to read the unique code of the user's chip would be available to online apps too, so websites can use the same system to authenticate.
For extra security, the ring/implant could also continuously detect the wearer's presence and life, possibly with biometrics as simple as confirming the user's pulse. If the signal is disrupted the implant can assume it is no longer secure until it's reauthenticated.
Almost all of us carry credit cards, and those from sane countries carry chip&pin credit cards, which have a crypto token built in. Even better, it's verified by institutions that have a strong interest in maintaining a secure system, while not being directly issued by a state. If we could just use them for website login, a whole lot of problems would go away.
Say what, I made mandatory logins in my linux servers, and use pretty much double factor authentication everywhere...
Watch out, this is a trick to use the concerns over the weak passwords people use to push for monitoring and control mandates. Basically, it's none of their business to force this on businesses. What kind of authentication a service offers is a private matter between users of the service and the service.
I do think OpenID does exactly what we need here. It's a single sign-on system that can work in a decentralized manner between sites, and it does not require biometrics, which is just a way to take away privacy. I think what has been needed is a system that makes creating and managing OpenID easy for common users. Then people can use a strong, strong password rather than a lot of weak ones.
The solution has been around for a long time. If people would use password managers, then they could use better (and unique) passwords. I've never had an account compromised, and I believe that is in large part because, thanks to Apple's Keychain, I'm using strong, unique passwords for every account I sign up for. Every Apple computer has come with this integrated password manager since at least 2002, (that's how far back my oldest passwords go), but idiots don't use it. I have no idea what the situation is like for Windows users, but I'm guessing you'd have to pay for one, and it might not be as well integrated, as far as working with apps. Every OS should come with a password manager, enabled by default, and with a strong password generator.
-- sudon't
I root for the "passturd"
You poop in a petri dish and, provided the brown biomass signature matches, access is granted until the next bowel movement.
Who wants to even try to cheat this system?
I'd prefer my camera lens remain behind black electrical tape.
fucking scumbags
Satoshi, is that you?
... aaaaand there goes anonymity.
I assume that would be one of the primary goals of the government.
I think of passwords like DRM. Sure, there are a lot of technical solutions and issues, but it's fundamentally a people and market problem.
As others have mentioned, anything can be hacked, copied, stored... if it is turned into bits and bytes. The best you can do is make it inconvenient enough for *most* people to do it.
Most people's homes are hardly secure, but you don't have people talking about the need to get rid of locks. Rather, it is dealt with as a matter of criminal law in terms of break-in and entering.
In the end, you really have to take things as a people problem.
For example, let us assume your authentication system can be broken into.
What damage can be done? ...
Is it reversible?
Can people go to an office and fix the problem?
What are the penalties for those caught?
These are the real problems. Consider banking. If someone hacks my bank account, more effort can/should be made to make sure this can be addressed and reversed. Whether that is putting a holding period on transfers, notifying account holders of transactions (especially odd ones), relying more on local methods of authentication, increasing penalties for those caught. Heck, one of the benefits of knowing your local bank is that they actually know who you are.
Heck, this could be part of the solution as well. Banks or other locally trusted authorities (like governments) could be providers of RSA-tokens or something like that. It could even be the government as well.
That in combination with a per-site password as today would be an improvement and still be practical. We already trust banks with our phone numbers... this way we won't have to send them to each website. Or we can standardize on an RSA-token app for each website or something like that. I hate that they want your phone number.
Fortunately, I have not been hacked, but I have no idea what say Google's response would be if I had to contact them because my account was hacked. Hopefully they have processes in place at least to ask me about some recent emails or something like that. Or if they have kept track of my IP addresses used. But those things can be checked by the person hacking my account.
Or maybe local authorities can increase investigators to help resolve such issues. Police officers are out there dealing with crime and traffic and parking... perhaps we need to expand to online issues.
Since US security agencies already have the biometric signatures of almost every US citizen and of foreign citizens (and several countries are doing the same), I don't trust the idea of ditching passwords... it would make decrypting info trivial for them since they already HAVE the keys...
I have several hundred different passwords stored in my KeePass database for accessing web sites and different systems at my workplace.
I don't particularly wish to replace all of that with one biometric hash (a password) to rule them all - compromise one web site and you've compromised them all.
I also like to have a certain degree of anonymity for most web sites to avoid identity theft, giving them only what they actually need and in some cases giving them wrong information intentionally. I don't particularly wish to find I'm screwed for identity theft because one biometric-driven web site finds itself compromised.
Dear DARPA, you can jam your biometric authentication standards where the sun don't shine. Maybe you should train users to use password managers so they only need to remember one complex password.
Are you guys ready for your laptop to demand a semen sample from you? How about a public access terminal?
Hard to change your thumb.
Not heart rate...
Details of how your blood flows in your body, which is determined by the (presumably) unique arrangement of blood vessels and tissue.
EKGs are quite unique (although it will change if you have a heart attack... but then, fingerprints change if you cut your finger off; nothing's perfect).
As for me, it's not a government task:
we, as customers, need to ban all websites which don't support OpenID.
Biometric or whatever it is, they all end up being a string of binary data (or ASCII if you store it with another encoding alphabet). Maybe the user experience is different, but then the implications are far greater, because when someone steals your biometric data, what are you going to do? Plastic surgery?
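The point made in this post and in the chip&pin post above (a biometric template on the wire is just a fixed string of bits that can be captured and presented again, whereas a crypto token answers a fresh challenge with a key that never leaves the chip) can be shown in a few lines. This is an added illustration, not code from the thread or from any real card or scanner; the template bytes and the shared key are constructed values, and both "servers" are toy models of the two authentication shapes.

```python
import hmac
import hashlib
import secrets

# Constructed values: what a scanner would send over the network, and the key
# that a chip&pin-style token shares only with its issuer.
BIOMETRIC_TEMPLATE = b"constructed-retina-template-bytes"
TOKEN_KEY = secrets.token_bytes(32)

class StaticSecretServer:
    """Verifier that compares a fixed value (the biometric template) to what it stored."""
    def __init__(self, stored: bytes):
        self.stored = hashlib.sha256(stored).digest()
    def authenticate(self, message: bytes) -> bool:
        return hmac.compare_digest(hashlib.sha256(message).digest(), self.stored)

class ChallengeResponseServer:
    """Verifier that issues a fresh nonce; the token must MAC it with the shared key."""
    def __init__(self, key: bytes):
        self.key = key
        self.outstanding: set[bytes] = set()
    def challenge(self) -> bytes:
        nonce = secrets.token_bytes(16)
        self.outstanding.add(nonce)
        return nonce
    def authenticate(self, nonce: bytes, response: bytes) -> bool:
        if nonce not in self.outstanding:   # unknown or already-used nonce: reject
            return False
        self.outstanding.discard(nonce)     # every challenge is single-use
        expected = hmac.new(self.key, nonce, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)

def token_respond(key: bytes, nonce: bytes) -> bytes:
    """What the chip computes; the key itself is never transmitted."""
    return hmac.new(key, nonce, hashlib.sha256).digest()

def replay_static() -> tuple[bool, bool]:
    """(genuine login, replay of the recorded wire bytes) against the static verifier."""
    server = StaticSecretServer(BIOMETRIC_TEMPLATE)
    captured = BIOMETRIC_TEMPLATE            # an eavesdropper records the same bytes
    return server.authenticate(BIOMETRIC_TEMPLATE), server.authenticate(captured)

def replay_challenge() -> tuple[bool, bool]:
    """(genuine login, replay of the recorded nonce/response pair) against the token verifier."""
    server = ChallengeResponseServer(TOKEN_KEY)
    nonce = server.challenge()
    response = token_respond(TOKEN_KEY, nonce)
    first = server.authenticate(nonce, response)
    replayed = server.authenticate(nonce, response)   # same captured pair, presented again
    return first, replayed
```

The recorded template logs in a second time exactly as well as the first; the recorded challenge response is rejected, and a fresh challenge cannot be answered without the key.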
Will biometrics be the new standard? Been there, done that?
When biometrics replace passwords, your average internet chameleon will no longer be able to shape shift while your average professional chameleon will start using body parts for more important access. How about something else ?
The username + password paradigm is probably the only part of networked computing infrastructure that is still untouched in more than 60 years. It is interesting to see the tinfoil hat brigade out in force but surely the time has come to start looking at serious alternatives (such as being undertaken by NSTIC and IDESG in the US) including Knowledge Based Authentication and trust(ed) credentials - it doesn't have to be about biometrics and neither does it have to mean "the govmint's gonna get their hands on all my online identities". It's not a binary choice between biometrics (that I can't change) and ones 'n' zeroes (that I - and others - can change).
Short window of opportunity.
Dept. of Air Force can call into question Obama's "ability" to lead and conduct affairs of Office !
In this Triage, Dept. of Air Force, calls in assets to do a lot of dirty work:
1) Drones, such as the Hell Fire, are deployed to Ferguson with geo-location and Social Security (SS) information data on EVERY POLICE OFFICER. A nice shell script matches locations with SS data to write a db of the needed kills within the Ferguson PD.
2) B-52H dispatched from Omaha AFB. Fully loaded with M80 nuclear munitions. Target: White House, District of Columbia. The M80 will on impact be able to dig a hole with a 300 meter radius, sufficient to envelope the Situation Room beneath the White House, with Obama inside. The outer boundary of the blast radius will be GLASSED. The inner radius will receive temperatures in excess of 600 C for 2 milliseconds. No biological material will survive. This will be noted in Journals as a "Cleansing Action".
End effect. Speaker of the House gains control to U.S.A. Orders stand-down of all military and Local and State Police Armies and requests international oversight from Court of The Hague and establishes Federal administrative zones around Ferguson MO and White House D.C.
Trials of Local and State Police will take years to close.