Regular alphanumeric style passcodes are not the only method of online security these days, however it is by far the most common. We have seen some other methods in use such as two-factor authentication with RSA SecurID and even with Google and their 2-step verification process. On the flip side of those, we have even seen some slightly more unique options talked about such as using eye movements. Coming to the present day though, and we have talk of replacing passwords coming from two groups.
These groups include the FIDO Alliance and the Defense Advanced Research Project Agency (DARPA). The FIDO Alliance has been formed with Lenovo and PayPal as well as Nok Nok Labs, Agnito and Validity. DARPA on the other hand is the research and development arm of the Defense Department. Regardless of where these two groups are coming from or who they are made up of, they are looking to do something different with the standard password method of security.
DARPA is working on the Active Authentication program which is currently described as being in its second phase. In this phase they are said to be looking for research that “sets out to establish behavioral biometrics based on discernible cognitive processes and the observable ways that users naturally interact with their environment while using their computing devices.” More to the point here, research that will allow them to develop a solution that uses multiple points including physical aspects such as fingerprints, how you interact with technology such as a keystroke pattern or mouse movement and even data to include how you use language and how you construct sentences.
Looking at the FIDO Alliance and we see where things may come into play for the more average user. Things appear to still be shaping up here though. In fact, it was said that as the FIDO Alliance attracts new member-organizations they will include new solutions. Some of the ideas mentioned at this point include USB tokens, one time passwords and the use of Near Field Communications (NFC). With that, while it seems like we still have some time before we can stop worrying about regular passwords, it is nice to see these issues being discussed and worked on.
[via The Verge]