Description of the invention
Nowadays, people are likely to have more than ten accounts for computers, email accounts, social networks, and various other cloud services, all with different passwords and security policies. Memorizing all passwords is both difficult and annoying, so people often end up using simple passwords, or constantly forgetting less frequently used ones. Effective password security strategies are increasingly becoming more important given that billions of security breaches have made news headline in recent years. Thus an innovative login system is needed that enables password-less access to multiple cloud services while providing secure access to any user, to any application, on any device over any network.
University of Waterloo researchers have developed a novel password-less authentication system, referred to as “Loxin” that relieves the user from having to remember cumbersome passwords. Loxin employs public-key cryptography to enable users to log on to various systems or services on different platforms or computers with the aid of a mobile device. In particular, users’ credentials are kept privately in their mobile devices, and not leaked to the network of any web service. Therefore, even if one web or cloud service is compromised by attackers, users’ identities and credentials are still secure.
The initial development of the Loxin system has been focused on achieving a good trade-off between security and usability. More recent development efforts have been concentrated on optimizing the system architecture and implementing Loxin for a wide range of web-based applications. Moreover, a small form-factor hardware security module is being developed, which will be used with mobile devices to provide highest security protection for users’ credentials.
- Passwords replaced with one-tap mobile authentication
- Achieve a good trade-off between security and usability
- Apply to a wide range of web-based applications
- Rapid deployment of the system
- Two-factor authentication
- Cloud computing and storage services
- Mobile payment and other financial services
- Social networking applications
- Multimedia content delivery services