gabe@gabegold.com
Date: Tue, 31 Oct 2017 16:48:46 -0400
Scientists from Florida International University and Bloomberg have created a custom two-factor authentication (2FA) system that relies on users taking a photo of a personal object.
The act of taking the photo comes to replace the cumbersome process of using crypto-based hardware security keys (e.g., YubiKey devices) or entering verification codes received via SMS or voice call.
The new system is named Pixie, and researchers argue it is more secure than the aforementioned solutions.
https://www.bleepingcomputer.com/news/security/researchers-devise-2fa-system-that-relies-on-taking-photos-of-ordinary-objects/
What could go wrong? "What do you mean you threw away that crumpled beer can? IT WAS MY PASSWORD".
Then there's this:
This is because the system doesn't restrict users and they can choose anything they want as their login trinket, from their watch to parts of their body, and from clothing objects to furniture. Users should be careful not to choose perishable objects like food, because once it's gone, users will most likely get locked out of their account.
Too bad Anthony Weiner's in jail, he could test it.