Select your localized edition:

Close ×

More Ways to Connect

Discover one of our 28 local entrepreneurial communities »

Be the first to know as we launch in new countries and markets around the globe.

Interested in bringing MIT Technology Review to your local market?

MIT Technology ReviewMIT Technology Review - logo


Unsupported browser: Your browser does not meet modern web standards. See how it scores »

{ action.text }

Trying to strengthen authentication without forcing users to change their behavior is a promising approach, says Bill Nagel, an analyst at Forrester Research, who covers security and risk management. “People want ease of use without losing any security, and that’s a tough balance for a lot of IT departments,” he says.

Ben Adida, a fellow at Harvard University’s Center for Research on Computation and Society, who studies security and privacy, notes that other companies have tried to find ways to improve authentication without inconveniencing users. Some banks, for example, install a cookie in a user’s browser after he answers several security questions correctly. The cookie serves as another identifying token. “That’s easier than having a physical token, but it’s also not as secure,” Adida says, since the attacker could trick the user into giving up the information needed to recreate the cookie..

Adida adds that the strength of Delfigo’s product will depend on how hard it is for an attacker to re-create the additional factors that it uses. For example, an attacker may be able to trick a user into typing her username and password into a dummy site, in order to collect keystroke patterns and other information, Adida says.

10 comments. Share your thoughts »

Credit: Technology Review

Tagged: Computing, Communications, security, passwords, biometrics, Web security

Reprints and Permissions | Send feedback to the editor

From the Archives


Introducing MIT Technology Review Insider.

Already a Magazine subscriber?

You're automatically an Insider. It's easy to activate or upgrade your account.

Activate Your Account

Become an Insider

It's the new way to subscribe. Get even more of the tech news, research, and discoveries you crave.

Sign Up

Learn More

Find out why MIT Technology Review Insider is for you and explore your options.

Show Me