US carriers create single sign-on service that could end passwords

AT&T, Sprint, T-Mobile and Verizon have teamed up to create a single sign-on service that could mean you won't have to use a password manager or remember your (hopefully strong) login credentials for every app on your phone. The carriers say Project Verify can authenticate your logins by confirming your identity using factors like your phone number, SIM card information, the type of phone account you have, IP address and how long you've had your plan.

Once it's up and running, you'll be able to use the Project Verify app to log into services that have enabled it as an option. It can display your latest sign ins to each app, and you can revoke access for those you don't use anymore. The technology can also be used for two-factor authentication.

It'd be difficult for a hacker to spoof all of the methods that Project Verify uses to establish your identity, so it seems somewhat secure. However, if someone were to steal your phone and were able to unlock the device, they could cause all kinds of chaos.

Some apps could require additional login data like a PIN or your fingerprint, a spokesperson told The Verge -- that'd add an extra layer of security for services that handle your most sensitive information. But if the apps stick with the core version of Project Verify's login process and someone accesses your device, every service you use could be compromised.

Via: The Verge

Source: Project Verify



via Engadget RSS Feed https://ift.tt/2QtlZis
RSS Feed

If New feed item from http://www.engadget.com/rss-full.xml, then send me


Unsubscribe from these notifications or sign in to manage your Email Applets.

IFTTT

Comments

Popular posts from this blog

Evernote cuts staff as user growth stalls

The best air conditioner

We won't see a 'universal' vape oil cartridge anytime soon