January 27, 2017
By Bob O'Donnell
In an effort to increase online security, Facebook announced yesterday that they will be enabling the use of hardware security keys that support the FIDO digital identity/authentication standard for logins to the service. Specifically, Facebook is adding support for simple USB-stick like devices that support the U2F (Universal Second Factor) standard, which is a mechanism for adding a very secure second factor of authentication for the highly recommended (though little understood) practice of multi-factor authentication.
Essentially, the effort is an attempt to discourage the use of easily-breakable, hackable and “phish-able” password-based log-ins and move towards other more secure and more “automatic” type of log-ins. The FIDO consortium is an industry group that includes over 250 companies, including Microsoft, Intel, Visa, Bank of America, Google, Intel, ARM, Qualcomm, Samsung, Lenovo and many others, that are focused on authentication and security standards that can leverage biometrics, hardware security keys and other methods for digitally proving you are who you say you are: the fundamental principle of authentication.
Unfortunately, few people know about the group’s efforts—despite its high-profile members—but efforts like this Facebook announcement can help drive that awareness. The ultimate goal of the group is to eliminate passwords and to move to more secure methods of logging into online services, making digital transactions and more. The problem is that security and authentication are complex topics that few people seem interested in, but the effort is making progress.
With this specific announcement, Facebook is incorporating support for these hardware keys (which must be purchased for around $20) through a limited set of browsers and devices—you can’t yet, for example, use it with a mobile phone-based Facebook app—so the real-world impact will be tiny. However, it is an important first step towards greater awareness and usage of more secure methods of authentication. These same hardware keys can be used for DropBox, Google, Salesforce and a few other online services, so hopefully we’ll start to see more active usage of these types of capabilities moving forward.
Here's a link to the column: https://techpinions.com/unpacking-the-weeks-news-friday-january-27-2017/48654
Bob O’Donnell is the president and chief analyst of TECHnalysis Research, LLC a market research firm that provides strategic consulting and market research services to the technology industry and professional financial community. You can follow him on Twitter @bobodtech.
Leveraging more than 10 years of award-winning, professional radio experience, TECHnalysis Research participates in regular audio podcasts in conjunction with the team at Techpinions.com.
TECHnalysis Research offers a wide range of research deliverables that you can read about here.