Facebook Twitter Google RSS

Operate multiple accounts with single password

Sydney, March 2 (IANS) A little-used internet authentication system from the 1980s could enable web users to securely log in only once per internet session, says a new study.

PhD researcher S. Suriadi from Queensland University of Technology (QUT) Information Security Institute said a secure single sign-on system was more than simply using the same password for multiple accounts.

Suriadi said any future single sign-on system, which could potentially give web users

access to a multitude of accounts, including e-mail, bank and shopping, would require

extreme privacy to avoid information spies and account hackers.

"Single sign-on systems are already being used by organisations," he said. "For example, a bank could link their internet banking site to an online trading site, thus relieving users from having to perform an extra log in step.

"However, if one of the parties is compromised, for example by a virus, a 'denial of

service' attack or insecure set-up, it puts all the user's linked accounts at risk."

Suriadi said his research investigated a little-used "anonymous credential system", which dates back to the 1980s, but recently received renewed interest from the research community.

"Using this credential system, we could enhance the security and privacy of a single

sign-on system," he said.

"The system works by revealing as little information about who you are as necessary for

logging into an account, therefore allowing you to remain anonymous.

"This way, a company wouldn't be able to track your shopping habits and target spam or

marketing at you. This method could also confirm you are over 18 and not reveal your

birthday."

Suriadi said a single sign-on system backed by the anonymous credential system

required the cooperation of businesses and organisations to enable it.

"One use of this could be for the research community, with online libraries and databases applying the anonymous credential system so that the privacy of researchers

can be preserved," he said, according to a QUT release.

(News published under the licence from Indo Asian News Service)

Featured Update

Nokia launches Nokia X, Nokia X+ and Nokia XL Android Smartphones

25 February 2014: Nokia has announced the launch of Android smartphones in the Mobile World Congress held at Barcelona, Spain. The company ...