fsagx - Slashdot User

Submission + - New Standard for Website Authentication Proposed: SQRL (Secure QR Login) (grc.com)

Submitted by fsagx on Thursday October 17, 2013 @01:20PM

fsagx writes: Steve Gibson, from the Security Now podcast, has proposed a new standard method for website authentication. The SQRL system (pronounced “squirrel”) eliminates problems inherent in traditional login techniques.The website's login presents a QR code containing the URL of its authentication service, plus a nonce. The user's smartphone signs the login URL using a private key derived from its master secret and the URL's domain name. The Smartphone sends the matching public key to identify the user, and the signature to authenticate it. It may be used alongside of traditional username/password to ease adoption.

Submission + - Feds put heat on Web firms for master encryption keys (cnet.com)

Submitted by fsagx on Wednesday July 24, 2013 @07:14PM

fsagx writes: The U.S. government has attempted to obtain the master encryption keys that Internet companies use to shield millions of users' private Web communications from eavesdropping. These demands for master encryption keys, which have not been disclosed previously, represent a technological escalation in the clandestine methods that the FBI and the National Security Agency employ when conducting electronic surveillance against Internet users.

Slashdot Top Deals