Hello,

We noticed you're browsing in private or incognito mode.

To continue reading this article, please exit incognito mode or log in.

Not an Insider? Subscribe now for unlimited access to online articles.

Connectivity

Google Has a Plan to Kill Off Passwords

Passwords are annoying to remember and can be insecure, so Google is turning to a new form of authentication to protect our personal information.

Is it finally the beginning of the end for passwords? From our laptops to our bank accounts to e-mail, social media accounts, and myriad other online services, passwords ostensibly protect almost every aspect of the lives we lead online. And yet they are annoying to remember and can be dangerously insecure. So why are they still with us?

On Friday, Google announced what may mark the beginning of the end of passwords as we know them. During his talk at Google I/O, Daniel Kaufman, the head of the company’s ATAP (Advanced Technology and Projects) arm, casually mentioned the rollout of a new way of securing Android apps called Trust API. Rather than using standard passwords, Trust API will use biometrics like facial recognition, your typing pattern, even how you walk to help determine that you are who you say you are.

Each metric will contribute to an overall “trust score” that will let you unlock your apps. The program will run in the background of an Android phone, using the phone’s suite of sensors to continuously monitor the user’s behavior. If the trust score falls below a threshold, a user might be prompted for some form of additional authentication.

The idea is similar to a system called Smart Lock, which is already active on some Android phones. Smart Lock lets people unlock their phones by sensing the phone is in a trusted location or recognizing a user’s face. But it doesn’t operate in the background and it doesn’t govern access to individual apps. Doing so will allow Trust API to tightly control the level of authentication needed for access to apps of varying levels of sensitivity. As TechCrunch pointed out in its coverage on Friday, that would be handy for allowing easy access to, say, games, but requiring more stringent authentication before a user could get into a banking app.

Novel replacements for the password have been around for ages, and while many seem promising, they rarely find their way into wide usage. Whether Trust API takes off is likely to be determined quickly. During his talk, Kaufman said that testing with several “very large financial institutions” will begin next month. Banks have a lot to lose if a new feature causes either security or user experience to suffer. If they give the thumbs up, Kaufman’s promise of making Trust API available to all developers before the end of the year could come true—and the password’s days may truly be numbered.

(Read more: TechCrunch, The Guardian, “Log In to Your Phone with a Finger-Drawn Doodle Instead of a Password,” “You’ve Been Misled About What Makes a Good Password,” Wired)

Want to go ad free? No ad blockers needed.

Become an Insider
Already an Insider? Log in.
More from Connectivity

What it means to be constantly connected with each other and vast sources of information.

Want more award-winning journalism? Subscribe and become an Insider.
  • Insider Plus {! insider.prices.plus !}* Best Value

    {! insider.display.menuOptionsLabel !}

    Everything included in Insider Basic, plus the digital magazine, extensive archive, ad-free web experience, and discounts to partner offerings and MIT Technology Review events.

    See details+

    Print + Digital Magazine (6 bi-monthly issues)

    Unlimited online access including all articles, multimedia, and more

    The Download newsletter with top tech stories delivered daily to your inbox

    Technology Review PDF magazine archive, including articles, images, and covers dating back to 1899

    10% Discount to MIT Technology Review events and MIT Press

    Ad-free website experience

  • Insider Basic {! insider.prices.basic !}*

    {! insider.display.menuOptionsLabel !}

    Six issues of our award winning print magazine, unlimited online access plus The Download with the top tech stories delivered daily to your inbox.

    See details+

    Print Magazine (6 bi-monthly issues)

    Unlimited online access including all articles, multimedia, and more

    The Download newsletter with top tech stories delivered daily to your inbox

  • Insider Online Only {! insider.prices.online !}*

    {! insider.display.menuOptionsLabel !}

    Unlimited online access including articles and video, plus The Download with the top tech stories delivered daily to your inbox.

    See details+

    Unlimited online access including all articles, multimedia, and more

    The Download newsletter with top tech stories delivered daily to your inbox

/3
You've read of three free articles this month. for unlimited online access. You've read of three free articles this month. for unlimited online access. This is your last free article this month. for unlimited online access. You've read all your free articles this month. for unlimited online access. You've read of three free articles this month. for more, or for unlimited online access. for two more free articles, or for unlimited online access.