WEBVTT - What is WebAuthn 0:00:04.120 --> 0:00:07.160 Get in touch with technology with tech Stuff from how 0:00:07.200 --> 0:00:14.160 stuff Works dot com. Hey there, and welcome to tech Stuff. 0:00:14.200 --> 0:00:17.319 I'm your host, Jonathan Strickland. I'm an executive producer with 0:00:17.360 --> 0:00:19.400 How Stuff Works and my Heart Radio and I love 0:00:19.560 --> 0:00:24.040 all things tech. And today we're gonna cover a topic 0:00:24.160 --> 0:00:28.120 that's a listener request that nikkil Cardale and I apologize. 0:00:28.640 --> 0:00:32.080 I am sure I have butchered the pronunciation of your name. 0:00:32.400 --> 0:00:35.080 That is totally on me, but he sent in a 0:00:35.159 --> 0:00:38.159 great request for a podcast topic. He linked me to 0:00:38.280 --> 0:00:40.720 an article on The Verge, which is one of my 0:00:40.760 --> 0:00:44.080 favorite tech news sites. By the way, Verges is great 0:00:44.120 --> 0:00:46.239 if you want to catch up on tech news. But 0:00:46.440 --> 0:00:49.800 the article has the title the Web just took a 0:00:49.920 --> 0:00:53.080 big step toward a password free future, and it was 0:00:53.120 --> 0:00:57.800 written by John Porter. The article talks about an authentication 0:00:57.920 --> 0:01:02.200 standard called web authen that's a W E B A 0:01:02.440 --> 0:01:06.520 U T h N, which is short for Web authentication. 0:01:06.800 --> 0:01:09.080 So in this episode, we're going to explore why we 0:01:09.080 --> 0:01:12.000 would want to move beyond passwords in the first place. 0:01:12.000 --> 0:01:13.960 I mean, what's wrong with passwords. We're going to cover 0:01:14.040 --> 0:01:17.480 that and what web often is and how we might 0:01:17.520 --> 0:01:21.600 interact with that in the future. So strap in securely, 0:01:22.280 --> 0:01:26.640 because security is what this is all about. So let's 0:01:26.840 --> 0:01:31.320 start with passwords. The idea of the password is truly ancient, 0:01:31.360 --> 0:01:33.640 and I don't just mean it's been around for decades 0:01:33.680 --> 0:01:37.760 and computer science. It's truly ancient, and it was a 0:01:37.760 --> 0:01:41.000 pretty common go to for various societies to protect and 0:01:41.080 --> 0:01:44.800 authenticate information and messengers. Do you need access to a 0:01:44.800 --> 0:01:49.280 secure location, better know the password. Chances are it's sword fish. 0:01:49.480 --> 0:01:52.480 You want to confirm that the information you are delivering 0:01:52.720 --> 0:01:55.800 is legit. What you got to share the password. But 0:01:55.880 --> 0:01:58.360 we all know this stuff, right, It's right up there 0:01:58.360 --> 0:02:00.840 with the history of codes and cryptic rams. I'm not 0:02:00.880 --> 0:02:04.000 telling you anything you don't know already. So let's flash forward. 0:02:04.720 --> 0:02:09.360 Let's say a few dozen centuries, and then we'll arrive 0:02:10.000 --> 0:02:14.239 at the Massachusetts Institute of Technology, good old m i T. 0:02:14.880 --> 0:02:19.320 And the year is nineteen sixty. A mathematician and physicist 0:02:19.400 --> 0:02:24.959 named Dr Fernando Corbato was working in the universities relatively 0:02:25.160 --> 0:02:29.480 young computation center. Now, back in those days, computers were 0:02:29.639 --> 0:02:33.320 monsters of the thing. The practice at the time was 0:02:33.360 --> 0:02:36.680 to use dumb terminals, meaning you had a keyboard and 0:02:36.680 --> 0:02:39.480 you had to display but it didn't have any computation 0:02:39.520 --> 0:02:43.560 power itself. It was connected to a centralized computer along 0:02:43.560 --> 0:02:46.880 with several other dumb terminals. So you have multiple terminals 0:02:46.919 --> 0:02:50.880 all connecting back to one centralized computer system. The computer 0:02:51.400 --> 0:02:55.760 couldn't truly multitask. You couldn't have all of those dumb 0:02:55.840 --> 0:03:01.600 terminals communicating simultaneously with that centralized computer. Instead, it would 0:03:01.600 --> 0:03:05.840 dedicate a certain number of processing cycles to each terminal, 0:03:06.120 --> 0:03:09.440 and it would rotate through the terminals in turn in 0:03:09.440 --> 0:03:12.240 a process that was called time sharing. So let's say 0:03:12.240 --> 0:03:15.680 that you've got ten dumb terminals attached to this central computer. 0:03:16.120 --> 0:03:18.799 For a certain number of cycles, the computer would say, 0:03:18.800 --> 0:03:22.680 all right, let me handle the commands from terminal one. 0:03:23.080 --> 0:03:25.919 Then I'll go to terminal two, terminal three, etcetera, etcetera, 0:03:26.000 --> 0:03:28.600 until I get back around to terminal one. This would 0:03:28.600 --> 0:03:34.320 happen pretty fast, so the delay wasn't always necessarily noticeable. 0:03:34.680 --> 0:03:37.160 It all depending on how many terminals there were and 0:03:37.200 --> 0:03:40.320 how many processing cycles were dedicated to each terminal. But 0:03:40.400 --> 0:03:45.920 you get the idea. So this computation time was precious. 0:03:46.120 --> 0:03:49.280 In fact, M I T. S standard practice in nineteen 0:03:49.360 --> 0:03:53.120 sixty was to limit each computer user to just four 0:03:53.280 --> 0:03:58.960 hours of computer time every week, so you can see 0:03:58.960 --> 0:04:01.280 that you need to make really good use of that 0:04:01.320 --> 0:04:05.760 computer time. Now people were literally using the same machine 0:04:06.480 --> 0:04:09.400 and reserving those blocks of time to do work on 0:04:09.800 --> 0:04:13.920 that computer, and that meant that you had various graduate students, professors, 0:04:14.000 --> 0:04:17.919 lab employees, and more, all relying on the same hardware 0:04:18.240 --> 0:04:22.920 and more importantly for this discussion, the same disc file system, 0:04:22.960 --> 0:04:25.480 and they all had different files that they would work on. 0:04:25.880 --> 0:04:28.159 So there need to be some way to protect one 0:04:28.240 --> 0:04:32.359 person's files so that the respective person could be reasonably 0:04:32.400 --> 0:04:35.000 sure those files would be there when they would need 0:04:35.040 --> 0:04:40.520 them next. So Fernando's solution was to create a password system. 0:04:40.680 --> 0:04:44.120 Each user would have his or her own password that 0:04:44.160 --> 0:04:47.440 would allow them to access their files while keeping all 0:04:47.520 --> 0:04:50.960 the other users files off limits. It was sort of 0:04:50.960 --> 0:04:55.039 a clueg solution to the problem, and Fernando himself didn't 0:04:55.080 --> 0:04:57.760 necessarily think it was meant to be the go to 0:04:57.960 --> 0:05:01.680 methodology for securing data from that point forward. It was 0:05:01.760 --> 0:05:04.760 really just kind of a stop gap. But sometimes when 0:05:04.800 --> 0:05:08.240 an idea takes hold, we just run with it, even 0:05:08.279 --> 0:05:10.240 if it turns out that that idea might not have 0:05:10.279 --> 0:05:12.520 been the best one. To hitch our wagons too in 0:05:12.560 --> 0:05:15.840 the long run, and so is the case with passwords. Now. 0:05:15.839 --> 0:05:19.800 At first, passwords didn't need to be particularly complicated or 0:05:19.839 --> 0:05:23.200 disguised in any complex way, because the number of people 0:05:23.240 --> 0:05:25.360 who had access to the computer in the first place 0:05:25.760 --> 0:05:29.279 was pretty darned small, and so was a manageable system. 0:05:29.360 --> 0:05:33.440 You could, and theory even have your passwords completely unencrypted, 0:05:33.880 --> 0:05:37.320 and as long as no one is digging around for it, 0:05:37.320 --> 0:05:41.240 it's fine. But you know, you always find troublemakers. And 0:05:41.240 --> 0:05:44.400 Fernando's approach couldn't scale up to something as immense as 0:05:44.400 --> 0:05:47.960 the Internet without some pretty significant enhancements. So we're gonna 0:05:47.960 --> 0:05:50.880 flash forward again, and now we're in the nineteen seventies, 0:05:50.920 --> 0:05:54.840 a little more than a decade after the modest solution 0:05:54.920 --> 0:05:57.719 from Fernando had taken deep hold in the computer labs 0:05:57.720 --> 0:06:02.720 across various universities. That's when Robert Morris Senior came up 0:06:02.760 --> 0:06:06.440 with another methodology to use in combination with passwords to 0:06:06.520 --> 0:06:11.160 make them more secure. This was called hashing. Now, in hashing, 0:06:11.720 --> 0:06:15.080 you start off with your password, and the password is 0:06:15.120 --> 0:06:19.080 made up of a string of characters. Uh so, maybe 0:06:19.080 --> 0:06:21.480 it's all letters, maybe it's a combination of different things. 0:06:21.480 --> 0:06:24.800 Maybe it's case sensitive and that means you could have 0:06:24.839 --> 0:06:29.080 both upper and lower case letters in that particular password. 0:06:29.720 --> 0:06:33.480 Maybe it includes numerals and symbols in it. But whether 0:06:33.520 --> 0:06:36.840 it's a strong password or not, you have a series 0:06:36.920 --> 0:06:40.080 of characters that make up your password. Then you take 0:06:40.080 --> 0:06:43.239 that serious series of characters are rather, the system does, 0:06:43.800 --> 0:06:47.240 and it applies a mathematical operation to that series of 0:06:47.320 --> 0:06:51.599 characters to transform them into a numerical code that represents 0:06:51.640 --> 0:06:55.520 the original password. That numerical code is what would get 0:06:55.520 --> 0:06:58.680 stored in a database, and that creates that added level 0:06:58.720 --> 0:07:01.880 of security because of some one else were to get 0:07:01.920 --> 0:07:05.640 access to this database, they wouldn't find a bunch of raw, 0:07:05.760 --> 0:07:09.400 unencrypted passwords that they could then use to get unauthorized 0:07:09.440 --> 0:07:13.040 access to a system. Instead, they would get the numerical 0:07:13.160 --> 0:07:18.640 codes that represent passwords but are not themselves passwords. So, 0:07:18.680 --> 0:07:21.760 in other words, if I got the hash of your password, 0:07:21.840 --> 0:07:25.320 let's say I get this incredibly long string of numbers 0:07:25.360 --> 0:07:29.440 that represents your relatively short password, and I were to 0:07:29.480 --> 0:07:34.040 try and log into an account that you owned, that 0:07:34.200 --> 0:07:38.920 long string of numbers wouldn't work for me, because that's 0:07:38.920 --> 0:07:41.760 what you get after the hashing process. It's not your 0:07:41.800 --> 0:07:45.680 actual password itself. So if the only thing stored on 0:07:45.720 --> 0:07:49.960 the database is this hash, it protects the original password. 0:07:50.280 --> 0:07:53.840 Without knowing what operation was used on that original string 0:07:53.880 --> 0:07:57.000 of characters, it would be very hard to reverse engineer 0:07:57.080 --> 0:08:00.960 the process to get those original passwords. So let's say 0:08:01.000 --> 0:08:05.560 that the mathematical process was a and a very large 0:08:05.640 --> 0:08:09.600 prime number was used to multiply against the value of 0:08:09.640 --> 0:08:13.760 your password. If I don't know the identity of that 0:08:13.920 --> 0:08:17.800 very large prime number, then I cannot determine what was 0:08:17.880 --> 0:08:22.960 the original string. That's the idea behind this particular method 0:08:23.200 --> 0:08:27.320 of of security. Over time, more enhancements were added to 0:08:27.360 --> 0:08:32.440 make passwords additionally secure. Remember that any security system tends 0:08:32.480 --> 0:08:35.240 to be involved in a high stakes game against those 0:08:35.280 --> 0:08:38.079 who would penetrate that system. So you have the hackers 0:08:38.160 --> 0:08:41.439 on one side. They want to know how the security works, 0:08:41.520 --> 0:08:44.640 and in the process they can learn how to exploit 0:08:44.880 --> 0:08:49.760 the security systems. That might not be to capitalize on 0:08:50.040 --> 0:08:52.400 that knowledge. They may just want to know how it works. 0:08:53.120 --> 0:08:56.400 But whether that's the case or not, they do. If 0:08:56.440 --> 0:08:58.240 they know how it works, they know how to exploit it. 0:08:58.600 --> 0:09:00.760 That's and that's a danger. I mean, obviously that makes 0:09:00.800 --> 0:09:05.680 the system insecure. It's like if someone who probably isn't 0:09:05.679 --> 0:09:09.400 a thief, but maybe you know they could be persuaded 0:09:09.440 --> 0:09:11.600 to be a thief if you gave them a copy 0:09:11.679 --> 0:09:14.920 of the key into the bank vault. That's probably a 0:09:14.960 --> 0:09:19.640 bad idea. So on the other side of this game 0:09:19.840 --> 0:09:22.480 are the security system engineers who are trying to shore 0:09:22.559 --> 0:09:26.160 up defenses and make it harder for outsiders to get 0:09:26.200 --> 0:09:29.600 access to a system. So they're trying to identify and 0:09:29.640 --> 0:09:33.800 patch vulnerabilities before those vulnerabilities can be exploited, or if 0:09:33.800 --> 0:09:37.720 a vulnerability has been exploited, to address that and fix 0:09:37.760 --> 0:09:40.960 it so that it's no longer an entry point into 0:09:41.000 --> 0:09:44.560 the system. So that's why we started seeing other methods 0:09:44.920 --> 0:09:48.400 being used with passwords, like salting, for example, that became 0:09:48.480 --> 0:09:51.360 part of the password systems. Salting is when a system 0:09:51.400 --> 0:09:55.079 adds a string of random data before the actual password 0:09:55.160 --> 0:09:59.920 characters and then puts the entire string through the hashing process, 0:10:00.280 --> 0:10:03.040 and that makes it even more complicated to unravel because 0:10:03.280 --> 0:10:05.760 not only do you have the starting password, you have 0:10:05.880 --> 0:10:10.920 the random data of the salt That has further complicated 0:10:10.920 --> 0:10:13.960 the whole process, and a lot of security depends upon 0:10:14.640 --> 0:10:19.280 the people using the system being careful. Hi, there's the 0:10:19.400 --> 0:10:23.880 rub is an assumption that is frequently unsafe to make. 0:10:24.720 --> 0:10:28.560 To have a truly secure system, you need the people 0:10:28.760 --> 0:10:32.280 who create accounts to make strong passwords that are difficult 0:10:32.400 --> 0:10:37.480 or impossible to guess. Because if I could guess that 0:10:37.600 --> 0:10:40.120 you are going to use let's say your cat's name 0:10:40.480 --> 0:10:44.160 as your password, it really doesn't matter how much salting 0:10:44.480 --> 0:10:47.880 or hashing or other fancy things are going on behind 0:10:47.880 --> 0:10:50.800 the scenes with the password. If I can guess what 0:10:50.920 --> 0:10:53.200 you used as your password, I can just type that 0:10:53.400 --> 0:10:56.680 in when logging in. As you and I have access, 0:10:57.040 --> 0:10:59.839 I don't need to do any fancy decoding, d HA 0:11:00.080 --> 0:11:02.160 shing or anything like that. I don't have to even 0:11:02.400 --> 0:11:06.800 get access to the hashed passwords in that database. If 0:11:06.800 --> 0:11:11.640 I could just guess that used Mr. Kiddies as your password, 0:11:11.920 --> 0:11:14.640 then I'm going to get in. That's why there's such 0:11:14.679 --> 0:11:18.520 an emphasis on creating strong passwords, because it makes it 0:11:18.679 --> 0:11:22.080 very hard for attackers to score a hit by just 0:11:22.200 --> 0:11:25.480 knowing a few details about you or making some educated guesses. 0:11:26.000 --> 0:11:29.760 The longer and stronger your password is, the less likely 0:11:29.840 --> 0:11:32.400 someone is going to get access to your account through 0:11:32.559 --> 0:11:35.440 a brute force attack, not when a hacker or a 0:11:35.480 --> 0:11:39.120 cracker or whatever you want to call them, uses a 0:11:39.120 --> 0:11:43.680 password generator, for example, that cycles through possible passwords. Typically 0:11:44.040 --> 0:11:47.680 it will start with common passwords, maybe default passwords for 0:11:47.720 --> 0:11:51.280 certain systems like routers tend to have default passwords and 0:11:51.360 --> 0:11:53.600 a lot of people don't change them and that could 0:11:53.640 --> 0:11:57.120 become a problem, or common passwords that people tend to 0:11:57.160 --> 0:12:01.599 rely upon, like password, or if you're really clever, password 0:12:01.600 --> 0:12:05.240 one two three, and seriously, if you use password one 0:12:05.280 --> 0:12:09.480 two three is a password, please change it? Please? It 0:12:09.520 --> 0:12:13.960 would be a great idea. And then after that the 0:12:13.960 --> 0:12:17.600 password generator might work its way through a list of 0:12:17.720 --> 0:12:20.960 common words and a big database that hackers tend to 0:12:20.960 --> 0:12:25.000 develop that where they'll store common passwords in that database. 0:12:25.600 --> 0:12:29.840 So it's not a true dictionary. It's called a dictionary attack. 0:12:30.160 --> 0:12:32.680 It's not necessarily a true dictionary where you're just working 0:12:32.679 --> 0:12:36.400 through all the words of a various of a specific language, 0:12:36.679 --> 0:12:39.600 but rather you're working through a database of words that 0:12:39.679 --> 0:12:44.480 have been flagged as being common passwords. Because we humans 0:12:44.520 --> 0:12:46.760 tend to pick these sort of things, we tend to 0:12:46.760 --> 0:12:50.640 rely upon them. Now beyond that, let's say that you 0:12:50.679 --> 0:12:54.079 haven't used one of these common words, the generator might 0:12:54.120 --> 0:12:57.160 start going through new guesses and the hopes of landing 0:12:57.160 --> 0:12:59.160 on the right one. So if you make your password 0:12:59.240 --> 0:13:01.840 very strong, lots of upper and lower case letters and 0:13:02.000 --> 0:13:05.120 numbers and some symbols, and you make it long enough, 0:13:05.400 --> 0:13:07.400 it makes it very hard for a brute force attack 0:13:07.440 --> 0:13:10.720 to get through, because it's not likely that it's going 0:13:10.760 --> 0:13:15.080 to hit upon that specific combination of characters. Of course, 0:13:15.840 --> 0:13:18.560 the flip side of that is it also makes it 0:13:18.720 --> 0:13:21.920 very hard for you to remember that password. And that's 0:13:21.960 --> 0:13:25.160 the other big weakness of passwords. We have to use 0:13:25.200 --> 0:13:29.400 them to access our stuff, and convenience is a very 0:13:29.440 --> 0:13:33.320 important thing to us. Security is important, but so is convenience. 0:13:33.600 --> 0:13:38.280 If I make the most amazing password and it is 0:13:39.320 --> 0:13:42.840 not impossible to crack with a conventional computer system, like 0:13:42.880 --> 0:13:46.960 it would take centuries for a computer to guess the password, 0:13:47.200 --> 0:13:49.080 and by the time it did, I'd be long dead 0:13:49.080 --> 0:13:52.880 and wouldn't care anyway. That's fine. But if I can't 0:13:52.880 --> 0:13:55.320 remember the password, what good does it do me? I 0:13:55.360 --> 0:13:58.400 can't access my stuff anyway. So if all of our 0:13:58.440 --> 0:14:01.720 passwords are unique, which they should be, if we make 0:14:02.200 --> 0:14:05.599 every password we use on every service a unique password 0:14:05.920 --> 0:14:09.160 across all of those services, and all of those passwords 0:14:09.200 --> 0:14:12.840 are really strong, We're probably gonna need some sort of 0:14:12.880 --> 0:14:17.560 password vault or manager to hold all of them because 0:14:18.120 --> 0:14:20.080 we're not going to be able to remember all of 0:14:20.120 --> 0:14:23.720 these unique strings of characters with upper and lower case 0:14:23.800 --> 0:14:27.200 and numbers and symbols. It's just our brains just don't 0:14:27.200 --> 0:14:29.920 tend to work that way. So I use a password 0:14:29.920 --> 0:14:33.600 manager myself. I use dash Lane, but there are tons 0:14:33.920 --> 0:14:37.280 of services out there, so I'm not saying dash Lane 0:14:37.320 --> 0:14:39.240 is the one and only it's the one I use, 0:14:39.360 --> 0:14:41.400 but there are lots of other really good ones out there, 0:14:42.200 --> 0:14:45.000 and we might enable other security measures as well. In fact, 0:14:45.040 --> 0:14:47.280 we should if we have the option, stuff like two 0:14:47.280 --> 0:14:51.440 factor authentication to improve security and reduce the chance that 0:14:51.560 --> 0:14:55.080 some unauthorized person would get access to our stuff. I've 0:14:55.120 --> 0:14:57.520 talked about this before, but just as a reminder, two 0:14:57.600 --> 0:15:01.400 factor security is when you combine factors, or you can 0:15:01.400 --> 0:15:04.240 think of them as sort of like categories of stuff 0:15:04.280 --> 0:15:07.200 to authenticate that you are who you say you are. 0:15:07.640 --> 0:15:10.920 So one factor could be a password that falls into 0:15:10.960 --> 0:15:15.080 the category of something you know, something you the user knows, 0:15:15.680 --> 0:15:19.200 so that's one factor. Then you would want to use 0:15:19.320 --> 0:15:23.280 a different factor, something belonging to a different category. So 0:15:23.760 --> 0:15:26.800 that might be a token, or it might be a 0:15:26.800 --> 0:15:30.080 cell phone that you have where you've registered your cell 0:15:30.080 --> 0:15:33.400 phone number in your profile, right, so when you log in, 0:15:34.000 --> 0:15:37.000 you do your password, that's something you know, and then 0:15:37.520 --> 0:15:40.720 the service sends you a message onto your cell phone. 0:15:40.760 --> 0:15:43.840 Maybe there's a text message with a code at one time, 0:15:43.960 --> 0:15:47.160 use code associated with it that you are supposed to 0:15:47.280 --> 0:15:50.720 enter in order to log into the service. This factor 0:15:51.160 --> 0:15:55.520 relies on something that you have the phone, so something 0:15:55.520 --> 0:15:58.680 you know, the password, something you have the phone and 0:15:58.720 --> 0:16:01.720 become Combining those fact there's you decrease the chance that 0:16:01.840 --> 0:16:05.400 someone other than yourself can access your stuff. It's still 0:16:05.440 --> 0:16:08.040 not full proof, there's still ways to work around it 0:16:08.080 --> 0:16:13.480 if you're really determined, but it reduces the chances of 0:16:13.560 --> 0:16:17.800 somebody being able to get unauthorized access to your accounts. 0:16:17.880 --> 0:16:22.680 So if you use services that offer to factor authentication, 0:16:23.720 --> 0:16:27.320 I highly recommend you actually activate that. But it's pretty 0:16:27.320 --> 0:16:31.760 clear that passwords aren't the ideal solution for security. They 0:16:31.800 --> 0:16:35.000 rely too heavily on the people using the systems to 0:16:35.080 --> 0:16:38.040 take the steps needed to make those systems truly secure. 0:16:38.440 --> 0:16:41.720 And I'm not placing all the blame on users because 0:16:41.760 --> 0:16:44.200 taking all those steps, if you're really trying to be 0:16:44.280 --> 0:16:46.920 super secure and you also want to rely on a 0:16:46.920 --> 0:16:49.880 lot of different services, that's a big pain in the butt, 0:16:50.480 --> 0:16:53.760 you know, it's it's it's not convenient. And on top 0:16:53.800 --> 0:16:56.720 of all of that, we're also at the dawn of 0:16:56.760 --> 0:17:00.920 the age of quantum computing, which could potentially render modern 0:17:01.000 --> 0:17:05.000 passwords as obsolete. That's because the peculiar way that quantum 0:17:05.000 --> 0:17:09.280 computers depend upon phenomena like superposition, in which a quantum 0:17:09.320 --> 0:17:12.439 particle can inhabit multiple states at once, sort of like 0:17:12.480 --> 0:17:14.480 a light switch being able to be off and on 0:17:14.720 --> 0:17:19.680 at the same time, or the quantum phenomena of entanglement, 0:17:20.160 --> 0:17:22.879 in which two quantum particles had their states tied to 0:17:22.920 --> 0:17:25.360 one another, no matter how far apart those particles might 0:17:25.400 --> 0:17:30.280 be in space. The whole quantum computer discussion gets really complicated, 0:17:30.320 --> 0:17:32.679 but what it boils down to for the purposes of 0:17:32.720 --> 0:17:37.719 cryptography is that a quantum computer with sufficient computing power 0:17:38.600 --> 0:17:41.720 will be very good at certain tasks, and among them 0:17:41.880 --> 0:17:45.119 could be breaking modern security systems. If you had a 0:17:45.119 --> 0:17:48.680 hacker who had access to a powerful quantum computer and 0:17:48.880 --> 0:17:51.639 the right algorithm. Because it's not just that a quantum 0:17:51.640 --> 0:17:54.399 computer can magically do this. You'd have to actually design 0:17:54.440 --> 0:17:57.840 the algorithm to do this. But people have designed such 0:17:57.880 --> 0:18:01.960 algorithms they could con eviably penetrated secure system in a 0:18:02.000 --> 0:18:05.840 relatively short amount of time, and so even strong passwords 0:18:05.880 --> 0:18:08.719 are on borrowed time. That sets the stage for us 0:18:08.720 --> 0:18:12.480 to talk about web athen although that's not a cure 0:18:12.560 --> 0:18:16.760 all for the quantum computer problem, but I'll explain more 0:18:16.800 --> 0:18:20.520 about that in just a second. First, let's take a 0:18:20.640 --> 0:18:30.320 quick break, all right, So what is web auth in? 0:18:30.920 --> 0:18:34.720 So it's a specification that has recently been upgraded to 0:18:34.880 --> 0:18:39.320 full on standard status by the Worldwide Web Consortium or 0:18:39.480 --> 0:18:43.240 W three C and the Fido Alliance f I d O. 0:18:43.720 --> 0:18:46.520 But what the heck does all of that mean? Well, 0:18:46.560 --> 0:18:50.600 the W three C is quote an international community where 0:18:50.640 --> 0:18:54.200 member organizations, a full time staff, and the public work 0:18:54.320 --> 0:18:58.159 together to develop Web standards. Led by Web inventor and 0:18:58.240 --> 0:19:02.880 director Tim Berners Lee and CEO Jeffrey Jaff. W three 0:19:02.920 --> 0:19:05.800 c's mission is to lead the Web to its full 0:19:05.800 --> 0:19:09.000 potential end quote. So the purpose of the W three 0:19:09.040 --> 0:19:11.840 C is to standardize stuff for the Web so that 0:19:11.880 --> 0:19:14.960 there's kind of a unified foundation upon which all web 0:19:15.080 --> 0:19:18.280 stuff can be built. Without some sort of organization to 0:19:18.320 --> 0:19:21.000 oversee this, you could end up with a very fractured 0:19:21.040 --> 0:19:24.960 experience that would be a nightmare to navigate, because as 0:19:24.960 --> 0:19:28.640 a user, you might discover that you can't visit some 0:19:28.680 --> 0:19:33.359 websites or use some web services if you were using 0:19:33.400 --> 0:19:37.520 a particular browser versus another, or a particular device versus another. 0:19:37.640 --> 0:19:40.119 Might be that, oh, when I'm on this smartphone, I 0:19:40.200 --> 0:19:43.399 can't access this thing, or if I'm using Chrome instead 0:19:43.400 --> 0:19:46.040 of Firefox, I can't go to this website. That would 0:19:46.080 --> 0:19:49.399 be awful. So we don't want that to happen. Standards 0:19:49.920 --> 0:19:53.879 allow us to create that common ground where we know, 0:19:54.720 --> 0:19:57.359 as long as everything is built on those standards, we 0:19:57.400 --> 0:20:02.920 should be able to access it through standardized browser or device, 0:20:03.480 --> 0:20:08.080 or rather a browser device that works on those same standards. Now, 0:20:08.119 --> 0:20:12.040 in turn, if we did not do that, then we 0:20:12.080 --> 0:20:15.000 would have a very fractured approach, right. You would have 0:20:15.080 --> 0:20:18.679 to have multiple browsers on your computer in order to 0:20:18.880 --> 0:20:21.280 access different things. You might say, oh, well, I want 0:20:21.280 --> 0:20:23.000 to go to my bank, but that means I got 0:20:23.080 --> 0:20:24.640 a quit out of Chrome and I need to open 0:20:24.760 --> 0:20:29.600 up uh, you know, Firefox or Safari or something like that. 0:20:29.600 --> 0:20:31.879 That would be a nightmare. On top of that, you 0:20:31.960 --> 0:20:34.919 might end up having certain types of services where you 0:20:34.920 --> 0:20:38.200 would have to install lots of different extensions onto an 0:20:38.200 --> 0:20:42.520 existing browser, which could introduce security vulnerabilities. So that could 0:20:42.520 --> 0:20:44.960 be bad. So the W three C seeks to make 0:20:45.000 --> 0:20:47.600 the web a virtual place where anyone with a browser 0:20:48.240 --> 0:20:51.119 or a web enabled device can access the stuff on 0:20:51.160 --> 0:20:53.480 the web in a positive way, meaning way that doesn't 0:20:53.520 --> 0:20:57.520 like invite malware and security breaches. Now, the final alliance 0:20:58.119 --> 0:21:01.920 is quote an open end street association with a focused 0:21:02.000 --> 0:21:06.240 mission authentication standards to help reduce the world's over reliance 0:21:06.320 --> 0:21:11.320 on passwords end quote. So this ties directly into the 0:21:11.359 --> 0:21:14.600 whole purpose of web off in. The goal of FIDO 0:21:14.800 --> 0:21:17.439 is to use open standards to develop better ways to 0:21:17.520 --> 0:21:21.000 secure systems that not only protect data but are easy 0:21:21.119 --> 0:21:25.520 for end users to employ without negatively impacting access to 0:21:25.560 --> 0:21:29.040 the web. That's a tall order. You want something that's 0:21:29.480 --> 0:21:32.760 more secure than passwords, you don't want it to be 0:21:33.160 --> 0:21:38.359 more inconvenient than passwords are, and you want to make 0:21:38.400 --> 0:21:42.919 sure that the actual practice of using it is no 0:21:43.200 --> 0:21:48.000 more negative than a password would be. The organization creates 0:21:48.040 --> 0:21:51.520 these specifications that makes them free to use globally. Fido 0:21:51.680 --> 0:21:54.159 is a relatively young organization that grew out of an 0:21:54.160 --> 0:21:58.359 alliance between PayPal, Lenovo, and several other companies back in 0:21:58.359 --> 0:22:02.200 two thousand twelve, and that developed out of earlier discussions 0:22:02.240 --> 0:22:06.359 between PayPal and a company called Validity Sensors that was 0:22:06.440 --> 0:22:09.399 really focusing on the possibility of using biometrics as a 0:22:09.440 --> 0:22:14.400 means of identifying a user rather than passwords. Okay, so 0:22:14.760 --> 0:22:17.960 those two organizations, Phido n W three C have declared 0:22:17.960 --> 0:22:23.280 the web Authen specification a standard, so now it's adopted 0:22:23.400 --> 0:22:26.640 as the official standard. Now we can dive into what 0:22:26.800 --> 0:22:31.080 web authen is all about now. First, web Authen itself 0:22:31.200 --> 0:22:34.320 is one part of a larger group of specifications called 0:22:34.320 --> 0:22:37.720 Phido two, and it's a standard that focuses on the 0:22:37.760 --> 0:22:41.399 platform or browser level of the Internet ecosystem, So we 0:22:41.400 --> 0:22:45.879 could call this sort of a client side standard. Ultimately, 0:22:46.000 --> 0:22:49.440 what the standard allows for is for web based sites 0:22:49.440 --> 0:22:53.840 and services to use a Phido security key or biometric 0:22:53.960 --> 0:22:58.960 data or a personal mobile device to access their various accounts. 0:22:59.480 --> 0:23:02.359 BioMed tricks could rely on stuff like a fingerprint scan 0:23:02.640 --> 0:23:06.000 or face scan or retina scan, voiceprint The idea here 0:23:06.119 --> 0:23:08.000 is that the user would never have to remember a 0:23:08.000 --> 0:23:13.439 password again, they would instead depend upon this authentication strategy. Now, 0:23:13.480 --> 0:23:17.000 in addition, the log in credentials would be unique to 0:23:17.160 --> 0:23:20.919 each service or site, so in other words, you'd be 0:23:21.000 --> 0:23:24.480 using the same input on your level, like your experience 0:23:24.520 --> 0:23:27.360 would always be the same. It might be the fingerprint 0:23:27.440 --> 0:23:30.320 scan Let's say, so you want to log into your bank, 0:23:30.920 --> 0:23:33.400 use your fingerprint scanner, but then you want to log 0:23:33.480 --> 0:23:36.720 into a social media site, use the fingerprint scanner again. 0:23:37.840 --> 0:23:41.040 So to you, you're using the exact same thing each time. 0:23:41.080 --> 0:23:44.120 But on the back end, the actual credentials that are 0:23:44.160 --> 0:23:48.240 created are unique to the bank or to the social 0:23:48.240 --> 0:23:53.000 media site or whatever. So you don't have one universal 0:23:53.280 --> 0:23:56.720 set of credentials for everything, because that would be a 0:23:56.840 --> 0:24:00.800 very poor security method. So we're going to think about 0:24:01.080 --> 0:24:04.720 fingerprint scans for much of this episode just as the 0:24:04.720 --> 0:24:08.200 purpose of of simplicity. But obviously it could be lots 0:24:08.240 --> 0:24:10.639 of different stuff, and you might even use something like 0:24:10.720 --> 0:24:13.840 a security key on a special USB stick that you 0:24:13.840 --> 0:24:15.760 would plug into a computer when you want to log 0:24:15.800 --> 0:24:19.760 into services. So it doesn't have to be biometric data 0:24:19.960 --> 0:24:24.359 connected directly to you. It could be a specific key 0:24:24.400 --> 0:24:28.520 that you've used when you've registered on some service, and 0:24:28.560 --> 0:24:31.240 then you just have to keep track of that key 0:24:31.440 --> 0:24:34.560 for the rest of your life. So here's the thing. 0:24:34.960 --> 0:24:37.960