No more password hell with this new app

An application to put an end to passwords -

Geeko

IT company Cisco announces the launch of a new application to replace passwords: Duo Passwordless Authentication.

The purpose of the latter is to allow its users to identify themselves to their various accounts and devices without having to use a password.

A more secure solution

To develop this app, Cisco started from the observation that it is complicated for many people to remember all the passwords for their different accounts.

Logic would also want them to be particularly complicated, to avoid being easily hacked, but in fact, many of us still use the same password for different accounts or worse, particularly simple combinations of type "password" or "123456".

Right now, two-factor authentication helps keep accounts secure.

It is based on the use of a password and the confirmation of his identity via a code received by SMS or by email.

But this system is still little used today and, although it provides an additional level of security, it is not infallible.

A pair of keys

The Duo passwordless authentication application uses another system to protect and authenticate users: asymmetric cryptography.

The latter is based on web authentication.

This technology uses the concept of a key pair to authenticate an Internet user on a site;

a private key is stored securely on the user's device and a public key is shared with the server.

The public key is associated with an identifier generated randomly and also stored on a server.

The "keys" are made up of a sequence of random numbers.

The risks of hacking are reduced since hackers will have to get both their hands on the public key - which is by definition public - and the private key which is stored on the device of their targets and which can correspond to the biometric data of the user (digital or facial recognition).

In addition, each key pair is only valid for one site.

If hackers still manage to get their hands on a key pair, they will only have access to one account.

“It's no exaggeration to say that passwordless authentication will have the most significant global impact on how users access data by making the easiest path the most secure,” says Gee Rittenhouse, Cisco Senior Vice President of Security Business Group.

The application should be available in the summer of 2021, in preview.

High-Tech

Faced with growing threat from phishing campaigns, two-factor authentication would block 99.9% of hacker attacks

High-Tech

High-tech: "Donald" is one of the worst passwords of the year

• Personal data

• Cybersecurity

• Computer science

• High-Tech

• Password