Password less authentication ?
Okay so what do you think would be used instead of a password ?
Fingerprint ?
Face lock ?
Voice recognition ?
The authenticator by Google?
----
Except the last one , I do believe each and everyone of them comes with a fault , come on one can actually do something to a person to connect with the device .. unfortunately us traders hold most in our mobile phones and I do think not just passwords , but everything at once all the things that I listed are not enough too
you can never be more secure .
=================
The fact is that the issues of encryption of information are more or less well resolved.
Few people want to use uncertified encryption technologies
encryption technologies (such as ours, KE), but the issue of passwordless
authentication is well unsolved.
It is especially relevant for banks, for their security systems.
The problem of phishing in the usual password authentication is not very well solved,
e.g. by increasing authentication factors (biometrics, SMS, temporary
valid codes, etc.), two- and even three-factor authentication systems.
All these technologies are only modification of authentication by stable factors,
assigned to this or that client.
No really working password-free authentication.
And yet, billions have already been invested in this topic by the world's leading corporations.
Therefore, it is necessary to clearly define what to call what.
let's make such a definition:
If in this closed channel of communication (SCC) is observed:
- a rapidly changing, strictly deterministic, known only to the members of that VCS - digital factor for authentication;
- any and each authentication factor is used only once;
- any and each authentication factor is not generated in advance, is not transmitted through third-party channels (local), and does not require storage;
- authentication occurs continuously, does not stop the whole communication session, a priori for each data packet, in both directions;
- any and every authentication factor is not derived from any other authentication factor or from any set of them;
- the fast changeability of any authentication factor is in no way related to physical time and has no stable generation function;
- generation of any authentication factors does not require the user to create, store, use any password information,
then such method of authentication, within the framework of this technology, will be called password-free authentication.