A Simple Way Google Can Increase Security

16 Jul 2009

A Simple Way Google Can Increase Security

AP: "The techniques used by the (Twitter) attackers highlight the dangers of a broader trend promoted by Google Inc. and others toward storing more data online, instead of on computers under your control."

via google.com

AP covers the Twitter security issues well, but honestly, why doesn't Google simply give us more control over passwords? I should be able to say I need to sign in to Gmail with two passwords, Google Reader with one, Docs with three including a picture, etc. Give us more control if we want it and it won't be as hard to snag passwords.

Comments 3 Comments

Jul 16, 2009

Otto Radke said...

I find it interesting that people aren't talking about two things:

1. Using a key fob - http://en.wikipedia.org/wiki/Key_fob - to login. World of Warcraft implemented their Blizzard Authenticator either via fob or an iPhone app!

2. Is it common for companies like this to never have security / penetration tests done to expose their weaknesses before someone with malicious intent does?

Jul 16, 2009

Nicola Losito said...

@Otto: a key fob is quite a "pain" to always carry on ... many italian banks are using it, in various shape and dimensions and I think it's uncomfortable (the key group becomes bigger and bigger) and dangerous (if the 'pool' of keys is too big it won't stay in your pocket so chances to loose them is real!)

@Steve & others ( :-P ): choosing STRONG password, with centralized login (openID & the likes) and 'rotation' of them on a regular basis - until the upcoming of mainstream biometrics techniques - is today, I think, still the only method of living with a certain degree of serenity ...

Jul 17, 2009

Neville Hobson said...

PayPal has a great system: you enter your account name and password on login page. PayPal then sends you an SMS to your mobile phone with a code valid for 60 secs. Enter code on website; if ok, your login succeeds. It's better than a fob or security dongle because what's one device you're likely to have with you at (nearly) all times? Yep, your mobile phone.

Steve Rubel's Posterous

Steve Rubel (bio) is SVP, Director of Insights for Edelman Digital, a division of Edelman - the world's largest independent PR firm.

He is charged with helping clients identify emerging technologies and trends that can be applied in marketing communications programs. Rubel also explores these topics on his site and in monthly columns for Forbes.com and Advertising Age. He can be found on Twitter and Facebook as well.

Steve can be reached via email at steverubel@gmail.com.

Note: Everything posted on this site is Steve's personal opinion. It does not represent the views of Edelman or its clients.