With Google now looking at offering two factor authentication to its GMail Accounts it seems that online services are seriously looking at security. However, Google has also done the world a service here with the method they use.
Many applications in the real world use two factor authentication as a way to protect security. Two factor authentication is something you have and something you know. For example your bank may have sent you a smart card. This is something you have. Your password, mothers maiden name etc. is what you know. The something you have generates a code you enter when you need it and it changes every minute or so. This stops someone seeing it and later on using it without your knowledge. They have a minute or so to use it. This requires you to be sent a device that needs to be in sync with a master server. These services cost money to set up and maintain.
What Google has done has cheaply taken this into to the masses. Based on the fact that most of us, certainly who use the internet, have a mobile phone. When you try and log in using your username and password it sends a text to your registered phone and you have to enter that as well to log in. It can create that text randomly and only has to remember it for a few minutes.
Simplicity itself. You can expect to see that rolled out a lot more due to its simplicity and ease of use. Google have excelled themselves with this one. This is how innovation should be simple, easy to use and cheap to implement.
Security takes a leap forward
With Google now looking at offering two factor authentication to its GMail Accounts it seems that online services are seriously looking at security. However, Google has also done the world a service here with the method they use.
Many applications in the real world use two factor authentication as a way to protect security. Two factor authentication is something you have and something you know. For example your bank may have sent you a smart card. This is something you have. Your password, mothers maiden name etc. is what you know. The something you have generates a code you enter when you need it and it changes every minute or so. This stops someone seeing it and later on using it without your knowledge. They have a minute or so to use it. This requires you to be sent a device that needs to be in sync with a master server. These services cost money to set up and maintain.
What Google has done has cheaply taken this into to the masses. Based on the fact that most of us, certainly who use the internet, have a mobile phone. When you try and log in using your username and password it sends a text to your registered phone and you have to enter that as well to log in. It can create that text randomly and only has to remember it for a few minutes.
Simplicity itself. You can expect to see that rolled out a lot more due to its simplicity and ease of use. Google have excelled themselves with this one. This is how innovation should be simple, easy to use and cheap to implement.