Webmaker

Nouveau Login

We are experimenting with a new form of login. Instead of passwords, the site and the visitor share a secret handshake anytime they need it. This link, or short bit of text, is temporary. There's nothing to remember, forget, or have stolen.

  1. What do we call this newfangled system?

    Great question! Some ideas include: key, freepass, sitecode, pin, sitepass, secret. Right now, I'm trying out the name Handshake. What do you think of it?

  2. What's the goal of this handshake system?

    The goal is to reduce the frustration, friction, and insecurity that come from weak, forgotten, and stolen passwords -- or, in other words, to increase security, privacy, and trust.

  3. Hasn't social sign-on solved this problem already?

    Yes. And no. Facebook, Google, and a few other services dominate social, or federated, sign-on. While their system reduces some frustration, it compromises privacy and requires people to join a service (and all the terms that come with it) that they might not want.

  4. Is this new handshake system a pain in the butt?

    No. Many sites use a cookie in your browser to keep you logged in between visits, so you don't need to do the handshake often. Good sites ask you if you want them to “remember me on this computer” or not.

  5. What if I use public computers or can't stay logged in for some reason?

    This system allows you to use a password if you prefer it for your situation. It only sends the secret handshake if you don't have one. You can switch between using a password or not very easily.

  6. Isn't this just like a password?

    In some ways, yes. But it's fleeting, temporary -- there when you need it, gone when you don't. Why don't we just call it a temporary password? Bad habits are hard to break. We need to tilt the paradigm, to change the conversation around privacy and security, to redesign the web we have and help build the web we want. This system favors getting rid of passwords as we know them.

  7. Is this secure?

    This doesn't use new technology. Instead, it reframes a safe and common password recovery process. It rearranges existing experiences to help us avoid the weakest links in our security: weak passwords, vulnerable password storage, and passwords that somebody repeatedly uses on many sites. It is more secure than the most common current solution.

  8. What if someone breaks into my email?

    If they do that, all of your accounts are already vulnerable because of the “forgot password” link. This handshake system makes it more obvious that you must protect your email. And, using more handshakes and fewer passwords makes it more likely that your password for your email will be unique and strong.

  9. Can I get my handshake in a text instead of an email?

    Soon, yes. There's no reason you can't have your handshake sent to you via email or text or both. In theory, we could send it anywhere, even to a URL that triggers your Arduino login sidekick.

  10. Should we use this handshake system for email accounts?

    You could, by using text messages to receive your handshake. Vital sites with email, health records, and bank and credit card info should probably use "two-factor authentication." In other words, they should require a password and a handshake of some form.

  11. Shouldn't we just use two-factor authentication with hardware-based retina scanning or DNA verification for everything?

    Uh, maybe? But remember: security at the expense of usability comes at the expense of security. If a system is impractical, people will find shortcuts that make it less secure.