(Los Angeles Times) – A group of banks, technology companies and hardware makers looking to improve upon the username-and-password login systems that keep getting hacked reached a pivotal point in the effort Tuesday.
The Fast Identity Online, or FIDO, Alliance announced that it finalized the technical rules that companies must follow to get new login systems running. Websites and apps could replace passwords altogether or combine traditional logins with a second less-likely-to-be-hacked element such as a USB key, fingerprint scanning or eye or voice recognition.
Google has already begun allowing an $18 USB stick to be plugged in to log into a Gmail account, for instance. PayPal or Alipay users also can approve transactions by tapping the fingertip scanner on a Samsung Galaxy S5.
The idea is to make it so that there’s no central database a hacker could access to hijack accounts. The hacker would need to go through additional steps, hopefully making it far less worth the effort.