• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

Apple, Google and Microsoft commit to expanded support for FIDO standard to accelerate availability of passwordless sign-ins

TheLostSwede

News Editor
Joined
Nov 11, 2004
Messages
17,516 (2.40/day)
Location
Sweden
System Name Overlord Mk MLI
Processor AMD Ryzen 7 7800X3D
Motherboard Gigabyte X670E Aorus Master
Cooling Noctua NH-D15 SE with offsets
Memory 32GB Team T-Create Expert DDR5 6000 MHz @ CL30-34-34-68
Video Card(s) Gainward GeForce RTX 4080 Phantom GS
Storage 1TB Solidigm P44 Pro, 2 TB Corsair MP600 Pro, 2TB Kingston KC3000
Display(s) Acer XV272K LVbmiipruzx 4K@160Hz
Case Fractal Design Torrent Compact
Audio Device(s) Corsair Virtuoso SE
Power Supply be quiet! Pure Power 12 M 850 W
Mouse Logitech G502 Lightspeed
Keyboard Corsair K70 Max
Software Windows 10 Pro
Benchmark Scores https://valid.x86.fr/yfsd9w
In a joint effort to make the web more secure and usable for all, Apple, Google and Microsoft today announced plans to expand support for a common passwordless sign-in standard created by the FIDO Alliance and the World Wide Web Consortium. The new capability will allow websites and apps to offer consistent, secure, and easy passwordless sign-ins to consumers across devices and platforms. Password-only authentication is one of the biggest security problems on the web, and managing so many passwords is cumbersome for consumers, which often leads consumers to reuse the same ones across services. This practice can lead to costly account takeovers, data breaches, and even stolen identities. While password managers and legacy forms of two-factor authentication offer incremental improvements, there has been industry-wide collaboration to create sign-in technology that is more convenient and more secure.

The expanded standards-based capabilities will give websites and apps the ability to offer an end-to-end passwordless option. Users will sign in through the same action that they take multiple times each day to unlock their devices, such as a simple verification of their fingerprint or face, or a device PIN. This new approach protects against phishing and sign-in will be radically more secure when compared to passwords and legacy multi-factor technologies such as one-time passcodes sent over SMS.




An Expansion of Passwordless Standard Support
Hundreds of technology companies and service providers from around the world worked within the FIDO Alliance and W3C to create the passwordless sign-in standards that are already supported in billions of devices and all modern web browsers. Apple, Google, and Microsoft have led development of this expanded set of capabilities and are now building support into their respective platforms.

These companies' platforms already support FIDO Alliance standards to enable passwordless sign-in on billions of industry-leading devices, but previous implementations require users to sign in to each website or app with each device before they can use passwordless functionality. Today's announcement extends these platform implementations to give users two new capabilities for more seamless and secure passwordless sign-ins:

  • Allow users to automatically access their FIDO sign-in credentials (referred to by some as a "passkey") on many of their devices, even new ones, without having to re-enroll every account.
  • Enable users to use FIDO authentication on their mobile device to sign in to an app or website on a nearby device, regardless of the OS platform or browser they are running.

In addition to facilitating a better user experience, the broad support of this standards-based approach will enable service providers to offer FIDO credentials without needing passwords as an alternative sign-in or account recovery method.

These new capabilities are expected to become available across Apple, Google, and Microsoft platforms over the course of the coming year.

"'Simpler, stronger authentication' is not just FIDO Alliance's tagline—it also has been a guiding principle for our specifications and deployment guidelines. Ubiquity and usability are critical to seeing multi-factor authentication adopted at scale, and we applaud Apple, Google, and Microsoft for helping make this objective a reality by committing to support this user-friendly innovation in their platforms and products," said Andrew Shikiar, executive director and CMO of the FIDO Alliance. "This new capability stands to usher in a new wave of low-friction FIDO implementations alongside the ongoing and growing utilization of security keys—giving service providers a full range of options for deploying modern, phishing-resistant authentication."

"The standards developed by the FIDO Alliance and World Wide Web Consortium and being led in practice by these innovative companies is the type of forward-leaning thinking that will ultimately keep the American people safer online. I applaud the commitment of our private sector partners to open standards that add flexibility for the service providers and a better user experience for customers," said Jen Easterly, Director of the U.S. Cybersecurity and Infrastructure Security Agency. "At CISA, we are working to raise the cybersecurity baseline for all Americans. Today is an important milestone in the security journey to encourage built-in security best practices and help us move beyond passwords. Cyber is a team sport, and we're pleased to continue our collaboration."

"Just as we design our products to be intuitive and capable, we also design them to be private and secure," said Kurt Knight, Apple's Senior Director of Platform Product Marketing. "Working with the industry to establish new, more secure sign-in methods that offer better protection and eliminate the vulnerabilities of passwords is central to our commitment to building products that offer maximum security and a transparent user experience—all with the goal of keeping users' personal information safe."

"This milestone is a testament to the collaborative work being done across the industry to increase protection and eliminate outdated password-based authentication," said Mark Risher, Senior Director of Product Management, Google. "For Google, it represents nearly a decade of work we've done alongside FIDO, as part of our continued innovation towards a passwordless future. We look forward to making FIDO-based technology available across Chrome, ChromeOS, Android and other platforms, and encourage app and website developers to adopt it, so people around the world can safely move away from the risk and hassle of passwords."

"The complete shift to a passwordless world will begin with consumers making it a natural part of their lives. Any viable solution must be safer, easier, and faster than the passwords and legacy multi-factor authentication methods used today," says Alex Simons, Corporate Vice President, Identity Program Management at Microsoft. "By working together as a community across platforms, we can at last achieve this vision and make significant progress toward eliminating passwords. We see a bright future for FIDO-based credentials in both consumer and enterprise scenarios and will continue to build support across Microsoft apps and services."

View at TechPowerUp Main Site | Source
 
Joined
Aug 4, 2020
Messages
1,609 (1.03/day)
Location
::1
wow, we're finally seeing public-private key kill off passwords ...

...

...

... now why didnt that happen by like, 1998 again?
 

TheLostSwede

News Editor
Joined
Nov 11, 2004
Messages
17,516 (2.40/day)
Location
Sweden
System Name Overlord Mk MLI
Processor AMD Ryzen 7 7800X3D
Motherboard Gigabyte X670E Aorus Master
Cooling Noctua NH-D15 SE with offsets
Memory 32GB Team T-Create Expert DDR5 6000 MHz @ CL30-34-34-68
Video Card(s) Gainward GeForce RTX 4080 Phantom GS
Storage 1TB Solidigm P44 Pro, 2 TB Corsair MP600 Pro, 2TB Kingston KC3000
Display(s) Acer XV272K LVbmiipruzx 4K@160Hz
Case Fractal Design Torrent Compact
Audio Device(s) Corsair Virtuoso SE
Power Supply be quiet! Pure Power 12 M 850 W
Mouse Logitech G502 Lightspeed
Keyboard Corsair K70 Max
Software Windows 10 Pro
Benchmark Scores https://valid.x86.fr/yfsd9w
wow, we're finally seeing public-private key kill off passwords ...

...

...

... now why didnt that happen by like, 1998 again?
Because we didn't have smartphones with fingerprint readers back then?
 
Joined
Jun 11, 2017
Messages
270 (0.10/day)
Location
Montreal Canada
The more security we make the less it becomes secure. I mean two teir and 3 teir is pretty strong for security now. FIDO talks about face finger prints and voice which can all be faked if you know how. Security keys well that one way but then you lost the usb key and well good luck. Somehow and someway the criminals always find a way around it.
 
Joined
Aug 20, 2007
Messages
21,421 (3.41/day)
System Name Pioneer
Processor Ryzen R9 9950X
Motherboard GIGABYTE Aorus Elite X670 AX
Cooling Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory 64GB (4x 16GB) G.Skill Flare X5 @ DDR5-6000 CL30
Video Card(s) XFX RX 7900 XTX Speedster Merc 310
Storage Intel 905p Optane 960GB boot, +2x Crucial P5 Plus 2TB PCIe 4.0 NVMe SSDs
Display(s) 55" LG 55" B9 OLED 4K Display
Case Thermaltake Core X31
Audio Device(s) TOSLINK->Schiit Modi MB->Asgard 2 DAC Amp->AKG Pro K712 Headphones or HDMI->B9 OLED
Power Supply FSP Hydro Ti Pro 850W
Mouse Logitech G305 Lightspeed Wireless
Keyboard WASD Code v3 with Cherry Green keyswitches + PBT DS keycaps
Software Gentoo Linux x64 / Windows 11 Enterprise IoT 2024
The more security we make the less it becomes secure.
Don't confuse this consumer crapfest standard for real properly setup security.
 
Joined
Dec 28, 2012
Messages
3,846 (0.89/day)
System Name Skunkworks 3.0
Processor 5800x3d
Motherboard x570 unify
Cooling Noctua NH-U12A
Memory 32GB 3600 mhz
Video Card(s) asrock 6800xt challenger D
Storage Sabarent rocket 4.0 2TB, MX 500 2TB
Display(s) Asus 1440p144 27"
Case Old arse cooler master 932
Power Supply Corsair 1200w platinum
Mouse *squeak*
Keyboard Some old office thing
Software Manjaro
Sounds like a privacy nightmare. How long until you also need location services to log into your accounts?
 
Joined
Aug 20, 2007
Messages
21,421 (3.41/day)
System Name Pioneer
Processor Ryzen R9 9950X
Motherboard GIGABYTE Aorus Elite X670 AX
Cooling Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory 64GB (4x 16GB) G.Skill Flare X5 @ DDR5-6000 CL30
Video Card(s) XFX RX 7900 XTX Speedster Merc 310
Storage Intel 905p Optane 960GB boot, +2x Crucial P5 Plus 2TB PCIe 4.0 NVMe SSDs
Display(s) 55" LG 55" B9 OLED 4K Display
Case Thermaltake Core X31
Audio Device(s) TOSLINK->Schiit Modi MB->Asgard 2 DAC Amp->AKG Pro K712 Headphones or HDMI->B9 OLED
Power Supply FSP Hydro Ti Pro 850W
Mouse Logitech G305 Lightspeed Wireless
Keyboard WASD Code v3 with Cherry Green keyswitches + PBT DS keycaps
Software Gentoo Linux x64 / Windows 11 Enterprise IoT 2024
Sounds like a privacy nightmare. How long until you also need location services to log into your accounts?
You already have location history on whether you turn on location services or not, and tied to google accounts on android so... now?
 
Joined
Sep 14, 2018
Messages
2 (0.00/day)
Low battery, stolen phone, lost phone, taking chemotherapy medication and thus having problems with fingerprint recognition,
broken phone, phone too old for the required app....

this seems like a trade off, a password has disadvantages but also a lot of advantages due to it just being data and not a physical device that is needed.

I do not mind if this get introduced as long as there is a CHOICE to contuine using passwords. Without a choice this at least would need to allow a number of physcial devices. (for example backup phones).
 
Joined
Jul 5, 2013
Messages
27,485 (6.63/day)
wow, we're finally seeing public-private key kill off passwords ...

...

...

... now why didnt that happen by like, 1998 again?
Because it was and still is a flawed, invasive and inherently insecure concept. I personally will never participate. Fingerprints and facial recognition can be easily faked and defeated. Consumer grade biometrics are pathetically insecure. Any biometric hardware not easily defeated is prohibitively expensive.

Whereas a properly structured & engineered username/password system that uses proper encryption and salting is perfectly secure.

We do NOT need a new system, we need to improve and properly implement existing methodologies. Also...
but also a lot of advantages due to it just being data and not a physical device that is needed.
...this. What happens if you loose your authentication device? You're screwed.

Fu^& biometrics and Fu^& FIDO.
 
Joined
Jul 24, 2021
Messages
456 (0.38/day)
Location
Tornado Alley
System Name Main W10
Processor i7 2700K
Motherboard Gig Z77 HD4
Cooling Xigmatech Tower Cooler
Memory 16 GB G-Skill 1600Mhz
Video Card(s) ASUS GTX 1080ti 11GB
Storage WD Gold 2 TB HD
Display(s) Acer 27" 1440P
Case Phanteks Enthoo Pro
Audio Device(s) JDS Labs Element DAC/AMP
Power Supply Rosewill Hive 650 watt
Mouse MX 518
Keyboard Cherry 3000 with Blues
I feel that anything developed by "Apple, Google and Microsoft" is for their benefit...not ours. :mad:
 
Joined
Jun 18, 2021
Messages
2,544 (2.05/day)
I feel that anything developed by "Apple, Google and Microsoft" is for their benefit...not ours. :mad:

You're not wrong but they already have access to the data anyway when you're using their services. I think here "their benefit" is not dealing with so many customer complains and the whining when people loose their passwords and/or get hacked

...this. What happens if you loose your authentication device? You're screwed.

If you don't backup your authentication device that's your problem (and google/apple/microsoft in this case since the "user friendly" aproach is unlikely to include that)
 
Joined
Jul 16, 2014
Messages
8,197 (2.17/day)
Location
SE Michigan
System Name Dumbass
Processor AMD Ryzen 7800X3D
Motherboard ASUS TUF gaming B650
Cooling Artic Liquid Freezer 2 - 420mm
Memory G.Skill Sniper 32gb DDR5 6000
Video Card(s) GreenTeam 4070 ti super 16gb
Storage Samsung EVO 500gb & 1Tb, 2tb HDD, 500gb WD Black
Display(s) 1x Nixeus NX_EDG27, 2x Dell S2440L (16:9)
Case Phanteks Enthoo Primo w/8 140mm SP Fans
Audio Device(s) onboard (realtek?) - SPKRS:Logitech Z623 200w 2.1
Power Supply Corsair HX1000i
Mouse Steeseries Esports Wireless
Keyboard Corsair K100
Software windows 10 H
Benchmark Scores https://i.imgur.com/aoz3vWY.jpg?2
I think this is bad idea, up next will be RFID chips or tatoos when your fingerprint gets cheesed.
 
Joined
Oct 27, 2020
Messages
791 (0.54/day)
Big brother is getting bigger and bigger.
Just imagine in 30 years from now (nearly PS1 till today) what short of privacy intrusions will be deemed acceptable by then and the world we will be living in...
 
Joined
Feb 1, 2019
Messages
3,538 (1.68/day)
Location
UK, Midlands
System Name Main PC
Processor 13700k
Motherboard Asrock Z690 Steel Legend D4 - Bios 13.02
Cooling Noctua NH-D15S
Memory 32 Gig 3200CL14
Video Card(s) 4080 RTX SUPER FE 16G
Storage 1TB 980 PRO, 2TB SN850X, 2TB DC P4600, 1TB 860 EVO, 2x 3TB WD Red, 2x 4TB WD Red
Display(s) LG 27GL850
Case Fractal Define R4
Audio Device(s) Soundblaster AE-9
Power Supply Antec HCG 750 Gold
Software Windows 10 21H2 LTSC
how are pins more secure than passwords, its basically a very short digit only password.
 
Joined
Feb 20, 2020
Messages
9,340 (5.42/day)
Location
Louisiana
System Name Ghetto Rigs z490|x99|Acer 17 Nitro 7840hs/ 5600c40-2x16/ 4060/ 1tb acer stock m.2/ 4tb sn850x
Processor 10900k w/Optimus Foundation | 5930k w/Black Noctua D15
Motherboard z490 Maximus XII Apex | x99 Sabertooth
Cooling oCool D5 res-combo/280 GTX/ Optimus Foundation/ gpu water block | Blk D15
Memory Trident-Z Royal 4000c16 2x16gb | Trident-Z 3200c14 4x8gb
Video Card(s) Titan Xp-water | evga 980ti gaming-w/ air
Storage 970evo+500gb & sn850x 4tb | 860 pro 256gb | Acer m.2 1tb/ sn850x 4tb| Many2.5" sata's ssd 3.5hdd's
Display(s) 1-AOC G2460PG 24"G-Sync 144Hz/ 2nd 1-ASUS VG248QE 24"/ 3rd LG 43" series
Case D450 | Cherry Entertainment center on Test bench
Audio Device(s) Built in Realtek x2 with 2-Insignia 2.0 sound bars & 1-LG sound bar
Power Supply EVGA 1000P2 with APC AX1500 | 850P2 with CyberPower-GX1325U
Mouse Redragon 901 Perdition x3
Keyboard G710+x3
Software Win-7 pro x3 and win-10 & 11pro x3
Benchmark Scores Are in the benchmark section
Hi,
Finger print scanners I've never gotten it to work worth beans
My fingers are always changing from calluses and cuts
So yeah a couple paper cuts lock you out

Face recognition
Nope DMV is as far as that goes appearances also change beard/ no beard just woke up verses sweating like a dog :laugh:
I frankly don't do a lot on cell phones.

Password free world ms has been harping about this for years it's just foraging nonsense
 
Joined
Jul 5, 2013
Messages
27,485 (6.63/day)
If you don't backup your authentication device that's your problem (and google/apple/microsoft in this case since the "user friendly" aproach is unlikely to include that)
And this is exactly why this agenda is as unacceptable as it is flawed.

The answer that we the people must express to these coperate nitwits is a resounding "NO THANK YOU!" or perhaps "CRAM THIS GARBAGE WHERE THE SUN DOESN'T SHINE!".

Proper implementation of username/password is the correct answer.
 
Joined
Feb 20, 2020
Messages
9,340 (5.42/day)
Location
Louisiana
System Name Ghetto Rigs z490|x99|Acer 17 Nitro 7840hs/ 5600c40-2x16/ 4060/ 1tb acer stock m.2/ 4tb sn850x
Processor 10900k w/Optimus Foundation | 5930k w/Black Noctua D15
Motherboard z490 Maximus XII Apex | x99 Sabertooth
Cooling oCool D5 res-combo/280 GTX/ Optimus Foundation/ gpu water block | Blk D15
Memory Trident-Z Royal 4000c16 2x16gb | Trident-Z 3200c14 4x8gb
Video Card(s) Titan Xp-water | evga 980ti gaming-w/ air
Storage 970evo+500gb & sn850x 4tb | 860 pro 256gb | Acer m.2 1tb/ sn850x 4tb| Many2.5" sata's ssd 3.5hdd's
Display(s) 1-AOC G2460PG 24"G-Sync 144Hz/ 2nd 1-ASUS VG248QE 24"/ 3rd LG 43" series
Case D450 | Cherry Entertainment center on Test bench
Audio Device(s) Built in Realtek x2 with 2-Insignia 2.0 sound bars & 1-LG sound bar
Power Supply EVGA 1000P2 with APC AX1500 | 850P2 with CyberPower-GX1325U
Mouse Redragon 901 Perdition x3
Keyboard G710+x3
Software Win-7 pro x3 and win-10 & 11pro x3
Benchmark Scores Are in the benchmark section
Hi,
The key is don't give a credit or debit card number to any of these companies so if some does hack their email servers "which your picture id/..... would be stolen too" hackers would only be sending spam to your contacts.
 
Joined
Jul 10, 2017
Messages
2,671 (1.00/day)
Hi,
The key is don't give a credit or debit card number to any of these companies so if some does hack their email servers "which your picture id/..... would be stolen too" hackers would only be sending spam to your contacts.
This doesn't even begin to describe it!
 
Joined
Feb 1, 2019
Messages
3,538 (1.68/day)
Location
UK, Midlands
System Name Main PC
Processor 13700k
Motherboard Asrock Z690 Steel Legend D4 - Bios 13.02
Cooling Noctua NH-D15S
Memory 32 Gig 3200CL14
Video Card(s) 4080 RTX SUPER FE 16G
Storage 1TB 980 PRO, 2TB SN850X, 2TB DC P4600, 1TB 860 EVO, 2x 3TB WD Red, 2x 4TB WD Red
Display(s) LG 27GL850
Case Fractal Define R4
Audio Device(s) Soundblaster AE-9
Power Supply Antec HCG 750 Gold
Software Windows 10 21H2 LTSC
And this is exactly why this agenda is as unacceptable as it is flawed.

The answer that we the people must express to these coperate nitwits is a resounding "NO THANK YOU!" or perhaps "CRAM THIS GARBAGE WHERE THE SUN DOESN'T SHINE!".

Proper implementation of username/password is the correct answer.
The internet is trading privacy for security. I agree on the comments regarding fingerprint and scan security, not to mention those require a phone. PIN's are essentially very weak passwords.

The strongest form of security I have used that doesnt require dedicated hardware is IP based ACL's which is whats used e.g. on the Xbox Development platform. Some datacentres and domain providers also use this technology, and I manually configure it on many of my servers.

The problem with ACL though is for it to work conveniently user's need a static internet IP. Whilst the majority of people are on dynamic IP or even worse CGNAT. IPv6 should solve this problem, but privacy standards been pushed which compromise security (temporary random ipv6 allocation in the OS) compromise this idea alongside many broadband providers dragging their feet on ipv6 adoption.

Some companies nevertheless have adopted soft automated IP ACL's, so e.g. if they detect your IP has changed then have to reauthenticate on 2FA, if IP stays same, the 2FA is skipped.

Then there is the question of entities storing data insecurely, which is how these data leaks are happening in the first place. So imagine losing password, but then imagine losing your fingerprint because the entity got hacked. You can use unique password for every service, but not a unique fingerprint.
 
Joined
Jul 10, 2017
Messages
2,671 (1.00/day)
The internet is trading privacy for security. I agree on the comments regarding fingerprint and scan security, not to mention those require a phone. PIN's are essentially very weak passwords.

The strongest form of security I have used that doesnt require dedicated hardware is IP based ACL's which is whats used e.g. on the Xbox Development platform. Some datacentres and domain providers also use this technology, and I manually configure it on many of my servers.

The problem with ACL though is for it to work conveniently user's need a static internet IP. Whilst the majority of people are on dynamic IP or even worse CGNAT. IPv6 should solve this problem, but privacy standards been pushed which compromise security (temporary random ipv6 allocation in the OS) compromise this idea alongside many broadband providers dragging their feet on ipv6 adoption.

Some companies nevertheless have adopted soft automated IP ACL's, so e.g. if they detect your IP has changed then have to reauthenticate on 2FA, if IP stays same, the 2FA is skipped.

Then there is the question of entities storing data insecurely, which is how these data leaks are happening in the first place. So imagine losing password, but then imagine losing your fingerprint because the entity got hacked. You can use unique password for every service, but not a unique fingerprint.
OK, and what prevents an attacker from spoofing an IP?
 
Joined
Feb 1, 2019
Messages
3,538 (1.68/day)
Location
UK, Midlands
System Name Main PC
Processor 13700k
Motherboard Asrock Z690 Steel Legend D4 - Bios 13.02
Cooling Noctua NH-D15S
Memory 32 Gig 3200CL14
Video Card(s) 4080 RTX SUPER FE 16G
Storage 1TB 980 PRO, 2TB SN850X, 2TB DC P4600, 1TB 860 EVO, 2x 3TB WD Red, 2x 4TB WD Red
Display(s) LG 27GL850
Case Fractal Define R4
Audio Device(s) Soundblaster AE-9
Power Supply Antec HCG 750 Gold
Software Windows 10 21H2 LTSC
OK, and what prevents an attacker from spoofing an IP?
You can spoof for a DDOS, but good luck trying when you need to establish a connection. Its not like spoofing a phone number. You would need to gain control of the actual IP so e.g. compromising someone's network.
 
Joined
Jul 5, 2013
Messages
27,485 (6.63/day)
The internet is trading privacy for security.
Screw that nonsense...
The strongest form of security I have used that doesnt require dedicated hardware is IP based ACL's which is whats used e.g. on the Xbox Development platform. Some datacentres and domain providers also use this technology, and I manually configure it on many of my servers.
That is unacceptable as well. The current system of username/password needs improvement, NOT replacement.

Requiring users to create longer & more secure passwords that are then salted and encrypted clientside before transmission is the correct solution.

Properly crafted longer passphrase passwords are easy to remember, are impossible to guess and extremely difficult to brute force.

Example(please note, this is not my personal password, if you try using it to access my account W1zzard will likely ban your IP, only warning):

Long.Pass=Phra53s-Canb3fUn

The above passphrase password example is easy to memorize, easy to type out and is unbreakable. This 26 character passphrase meets all of the requirements for proper password security. It is greater than 24 characters, is made up of upper and lower case letters, contains several numbers and special characters making brute-force prohibitively tedious and a dictionary(technical or traditional) type attack would fail as it is acceptably complex. Coupled with the above mentioned proper salting & encryption and passwords like this are unbreakable in the wild. Mixed language passphrase passwords are even more secure.
Example:

Long.Pass=Phra53s-Canb3fUn,paTok

In this case, the same password is mixed with a misspelled insult from a fictional language. Still easy to memorize but impossible to guess or brute-force. With properly implemented 128bit encryption, the fastest computer array currently on Earth would need approximately 1.2billion years to crack it by brute-force methods. Using 160bit encryption that time increases to 43billion years. Even the slowest phone on Earth can handle 160bit encryption without much effort.

These large corporations are overlooking the obvious and need to leave security concerns to security experts instead of nitwits trying to climb the ladder.

IPv6 should solve this problem, but privacy standards been pushed which compromise security (temporary random ipv6 allocation in the OS) compromise this idea alongside many broadband providers dragging their feet on ipv6 adoption.
Sorry man, IPV6 is ridiculously insecure. "House of Cards" kind of insecure.

OK, and what prevents an attacker from spoofing an IP?
Absolutely nothing and it happens all the time.
 
Last edited:
Top