SlickLogin, a startup offering sound-based password alternatives, confirmed the acquisition by Google, joining them to "make the internet safer for everyone."
As TechCrunch put it:
"To verify a user’s identity and log them in, a website would play a uniquely generated, nearly-silent sound through your computer’s speakers. An app running on your phone would pick up the sound, analyze it, and send the signal back to the site’s server confirming that you are who you say you are — or, at least, someone who has that person’s phone."
 |
| SlickLogin debuting at TechCrunch |
The approach can be used as a password replacement or a two-factor authentication. The founders of SlickLogin also squashed any potential worries by saying:
"Everything is very heavily encrypted, so man in the middle attacks are out. You can’t record the audio signal and just play it back later, as the audio is uniquely tied to that moment. You can’t just hold your phone up to someone else’s audio signal (or grab it from across the room with a directional mic) in hopes of getting logged in to their account before they do; your phone wouldn’t have their login credentials stored on it, and that crucial bit isn’t wrapped into the sound."The product is still in a small, closed Beta.
Written by: Kheng Wei Ang
No comments:
Post a Comment