# Google declares war on the password



## dpeters11 (May 30, 2007)

http://www.wired.com/wiredenterprise/2013/01/google-password/all/

I use a slot on my Yubikey for Google, works pretty well. It doesn't replace the password in my case, just an additional layer. It currently requires a helper app, would be nice to not need that anymore.


----------



## fluffybear (Jun 19, 2004)

We took part in a pilot program for BofA a few years back which required us to enter a 5 digit from a pocket device as a second layer of protection. HATED IT!! I have enough crap on my key ring as it is and adding devices to support a second layer of protection is only going to make things more cumbersome.


----------



## RasputinAXP (Jan 23, 2008)

I already use Google Authenticator for several services. Two-factor authentication is quickly becoming a standard.


----------



## Sixto (Nov 18, 2005)

Thanks for the link.


----------



## dpeters11 (May 30, 2007)

I wish my credit union supported something like that. Not like an RSA tag, but would love for it to support my Yubikey. The fact that I've found sites seem to allow more secure "secret answers" than passwords is interesting. "Password can't be more than 12 characters, no special characters but your childhood best friends name is %HaS%[email protected]? No problem."

What's useful is that the Yubikey has multiple "slots". One can be set up for Google authentication, one for Lastpass or Symantec VIP. And really, you potentially wouldn't need to use it every time. I know no one else is going to be using my systems, so it only asks for it if it doesn't recognize the computer.


----------



## boukengreen (Sep 22, 2009)

blizzard came out with this in 09 i believe with the blizzard authenticator


----------



## SayWhat? (Jun 7, 2009)

I use the Big G as a search engine. Nothing more. The less they know about me, the better.

Don't trust'em a bit.


----------



## boukengreen (Sep 22, 2009)

SayWhat? said:


> I use the Big G as a search engine. Nothing more. The less they know about me, the better.
> 
> Don't trust'em a bit.


don't even use them for that perfer yahoo


----------



## dpeters11 (May 30, 2007)

The password model is broken. Sites have different requirements, idiotic restrictions, store passwords badly, either plaintext or unsalted etc etc. Something has to change.


----------



## RasputinAXP (Jan 23, 2008)

AmEx blows my mind with a "max 8 digit password"


----------



## dpeters11 (May 30, 2007)

Capital One makes theirs case insensitive...


----------

