Who Benefits?

“Microsoft promises to ease the pains of going passwordless “ https://www.cnet.com/news/microsoft-promises-to-ease-the-pains-of-going-passwordless/

The report says “Roughly 200 million people using Microsoft services already have made the jump past passwords”. I would like to add “Who benefits?”

If ‘passwordless’ means ‘removal of the whole password family including PIN’, the ‘passwordless’ announcement was correct and this solution would be tantamount to an ATM that automatically dispenses your money against your bank card without asking for your PIN. Who benefits from this brilliant feat?

If those passwordless people were of the view that PIN, that is a numbers-only password, is not a password and therefore PIN can be used in a passwordless solution, who benefits from such misleading ‘PIN-dependent passwordless login’?

Unfortunately, too many security people are too indifferent to the true nature and characteristics of authentication factors.

Ref: “What We Know for Certain aboutAuthentication Factors”

* Attempts to compare the vulnerability of a wisely or poorly managed password with that of a poorly or wisely deployed physical token would obviously take us nowhere.

Key References

“Removal of Passwords and Its SecurityEffect”

“Aiming to Destroy Democracy?”

Digital Identity for Global Citizens

Image-to-Code Conversion by Expanded Password System

Summary and Brief History — Expanded Password System

Proposition on How to Build Sustainable Digital Identity Platform

Additional References

Account Recovery with Expanded Password System

External Body Features Viewed as ‘What We Are’

History, Current Status and Future Scenarios of Expanded Password System

Negative Security Effect of Biometrics Deployed in Cyberspace

Availability-First Approach

Update: Questions and Answers — Expanded Password System and Related Issues (30/June/2020)

< Videos on YouTube>

Slide: Outline of Expanded Password System (3minutes 2seconds)

Digital Identity for Global Citizens (10minutes — narrated)

Demo: Simplified Operation on Smartphone for consumers (1m41s)

Demo: High-Security Operation on PC for managers (4m28s)

Demo: Simple capture and registration of pictures by users (1m26s)

Slide: Biometrics in Cyber Space — “below-one” factor authentication

< Media Articles Published in 2020 >

Digital Identity — Anything Used Correctly Is Useful https://www.valuewalk.com/2020/05/digital-identity-biometrics-use/

‘Easy-to-Remember’ is one thing ‘Hard-to-Forget’ is another https://www.paymentsjournal.com/easy-to-remember-is-one-thing-hard-to-forget-is-another/

Identity Assurance And Teleworking In Pandemic https://www.informationsecuritybuzz.com/articles/identity-assurance-and

--

--

--

Advocate of ‘Identity Assurance by Our Own Volition and Memory’, Inventor of Expanded Password System and Founder of Mnemonic Identity Solutions Limited in UK.

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

iPhone Robbers Try to iPhish Victims

applephish

Training Staff is The First Line of Defense in IT Security

InsureDAO — New Defi Insurance Project

Cloudflare WAF bypass via Origin IP

Knowing your data flows is critical for cyber security

Troubleshooting System Load !

Does Avast Antivirus Work For Mac

The risks in the digital age — our privacy is under attack

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Hitoshi Kokumai

Hitoshi Kokumai

Advocate of ‘Identity Assurance by Our Own Volition and Memory’, Inventor of Expanded Password System and Founder of Mnemonic Identity Solutions Limited in UK.

More from Medium

Fundamental Difference between ‘Authentication’ and ‘Identification

BLOCKCHAIN DEVELOPERS: Attack your excellent work in unimaginable ways.

Some Thoughts on Deterministic Netcode in GameMaker

How Big Of An Issue Is Game Cyber Security?