
UnifyID wants to bury the password once and for all - obi1kenobi
https://techcrunch.com/2016/09/12/unifyid-wants-to-bury-the-password-once-and-for-all/
======
stephenr
Seriously. Just stop.

Strong hashing service-side and strong random password generation client side
(coupled with usable password management) is a solution that works literally
right now.

Its also very easy to explain technically, and reasonably easy for security
researchers to verify claims (ie hashing algorithms, source of random
passwords, password manager storage method, etc)

This will almost certainly be covered by patents, and honestly how can anyone
possibly analyse the security of this method without inherently trusting what
the authors say or becoming an expert in the field themselves.

This also sounds like too many failure modes. Hurt your leg? Sorry no email
for you this week. Got a blister and can't type the same? Sorry no logging
into your banking site.

What happens about people who can't walk and/or don't type directly?

If the effort going into these ridiculous efforts went into giving more users
access to a decent password manager the problem would be solved in no time.

------
pdkl95
> With UnifyID, instead of supplying a password, the system begins to build an
> understanding about who you are, the devices you use, the places you go, the
> sensors you interact with throughout a day, even the way you walk and the
> cadence of your typing.

Oh, so it's a cheap excuse to aggregate a huge amount of personal location
data, activity logs, and a keylogger. This is exactly the data needed to build
a _very_ accurate pattern-of-life profile. Sure, you could probably make a
reasonable estimate if the right person is trying to authenticate, but that's
_obviously_ not the goal.

------
sadysnaat
Does anyone have (referral code/secret handshake) for the same?

