Facebook’s New Software Suggests Passwords May One Day be Obsolete

Robinson+Cole Data Privacy + Security Insider

Facebook says that someday ‘the password’ will be a distant memory. For now, passwords are still necessary. However, Facebook has released a beta version of its Delegated Account Recovery software, a new way for social networks to be the backup security key when online consumers forget their password on different, non-Facebook websites and services. The concept behind this software: when a consumer forgets their password on a website, mobile app or other online service, that website, mobile app or service will use Facebook to verify the individual consumer instead of prompting the individual to reset a password and answer security questions that are often not completely secure methods of password transmission. Delegated Account Recovery will require that the individual consumer prove that they are who they say they are by recognizing friends’ photos in order to log into their account on other websites, mobile apps or online services. Facebook security engineer Brad Hill said, “We want to make sure we can let you use identifying information to keep yourself secure, but not have to trade your privacy. Right now, you tell your mother’s maiden name to 500 different places and if any one of them gets hacked, then you’re vulnerable everywhere.”

Facebook says its new method is more secure than the typical password reset via an email or a code sent to a mobile device. Text messages are unencrypted and all email accounts can easily be hacked. The Delegated Account Recovery software works even if the individual consumer changes their phone number or email address.

However, the public is generally skeptical about trusting Facebook with their other accounts: Facebook already knows everything about you and uses your information to advertise to you. And if an individual consumer’s Facebook account were hacked, those hackers could use that information to log into other accounts. Facebook insists that it has safeguards in place to recognize fraudulent activity and that it limits the number of third-party accounts that can be recovered at one time. For now, only developers will be trying out this new software. Eventually, Facebook will open-source Delegated Account Recovery so that any company can use it, so even if as a consumer you don’t trust Facebook with your identity, you may have put your trust in another company that implements this tool.
