The Steve Rubel Lifestream

Daily links, quotes, insights, photos, videos and more on emerging technology. 
« Back to blog
Viewed 69349 times
Favorited 1 times
Filed under
July 16, 2009

A Simple Way Google Can Increase Security

AP: "The techniques used by the (Twitter) attackers highlight the dangers of a broader trend promoted by Google Inc. and others toward storing more data online, instead of on computers under your control."
via google.com

AP covers the Twitter security issues well, but honestly, why doesn't Google simply give us more control over passwords? I should be able to say I need to sign in to Gmail with two passwords, Google Reader with one, Docs with three including a picture, etc. Give us more control if we want it and it won't be as hard to snag passwords.

Loading mentions Retweet

Comments (3)

Jul 16, 2009
Otto Radke said...
I find it interesting that people aren't talking about two things:

1. Using a key fob - http://en.wikipedia.org/wiki/Key_fob - to login. World of Warcraft implemented their Blizzard Authenticator either via fob or an iPhone app!

2. Is it common for companies like this to never have security / penetration tests done to expose their weaknesses before someone with malicious intent does?

Jul 16, 2009
Nicola Losito said...
@Otto: a key fob is quite a "pain" to always carry on ... many italian banks are using it, in various shape and dimensions and I think it's uncomfortable (the key group becomes bigger and bigger) and dangerous (if the 'pool' of keys is too big it won't stay in your pocket so chances to loose them is real!)

@Steve & others ( :-P ): choosing STRONG password, with centralized login (openID & the likes) and 'rotation' of them on a regular basis - until the upcoming of mainstream biometrics techniques - is today, I think, still the only method of living with a certain degree of serenity ...

Jul 17, 2009
Neville Hobson said...
PayPal has a great system: you enter your account name and password on login page. PayPal then sends you an SMS to your mobile phone with a code valid for 60 secs. Enter code on website; if ok, your login succeeds. It's better than a fob or security dongle because what's one device you're likely to have with you at (nearly) all times? Yep, your mobile phone.

Leave a comment...

 
Got an account with one of these? Login here, or just enter your comment below.
Posterous-login    twitter