You are what you do - Identification based on behavior
Thinking about the desire for a password-less society. When it boils down to it there are a few major leagues of password security.
There is an alternative to the popular Google reCaptcha (https://www.google.com/recaptcha) that I used 10+ years ago, called Text Captcha. (Try http://api.textcaptcha.com/cp.json for a demo.) It consists of simple language-type questions that require very minimal effort to follow…but somehow I greatly prefer it over those terrible images I can’t seem to understand.
Authentication, as we use it in the security world, obviously comes from the word “authentic”, meaning genuine. Today, the most common means of authentication simply fulfill an already established contract using secret information that only the account owner would possess. This gives no insight into whether the user who initially established the account (let’s call him Bob) is in fact the one logging in, or whether it is Alice, a third-party listener who has somehow obtained Bob’s authentication credentials. Since Bob’s credentials may be a username and password pair, the only thing that protects this account is possession of this secret information. You haven’t missed anything; all I have said is that modern-day authentication relies on secrecy, or private information that only the account holder would possess. What if we were able to actually establish that Bob is the same Bob who initially established his account? Not through knowledge of a simple username/password pair, a selected picture, or the like. Rather, what if Bob were somehow able to expose his likes, dislikes, habits, tendencies, interests, etc., and this information could be used to verify not that Bob knows his password, but that Bob is Bob?
Today, identity theft is a very real threat that we face. There are many unprotected pieces of information that can be used to identify oneself that have little or no internal protection. The worst thing is that we are not in control of our own data. Once we have given information to a third party like an insurance company, a bank, or a utility company, we have little or no control over what happens to this information. We are not able to say, “Hey, Mr. Blue Cross, I want to terminate my service with you because I don’t think you secure my information properly.” Sure, you can cancel your service with the company, but what happens to your data?
Single-page Web applications are the next iteration of Web applications since the inception of the “Web application” versus the “Web site”. Ultimately, the distinction between application and site is not clearly defined; however, I usually say that the line is crossed when the purpose of the user’s interaction is more about “doing” something than simply consuming content.