New startups looking for ways to keep their users secure should know one thing, a top Google security executive said Tuesday: "Passwords are dead."
Speaking on a TechCrunch Disrupt panel called "Spies Like Us," Heather Adkins, Google's manager of information security, told moderator Greg Ferenstein that in the future, the "game is over for" any startup that relies on passwords as its chief method to secure users and their data.
She talked briefly about Google's use of two-step authentication and the fact that the search giant has been working to innovate in the area of non-standard password security. As a result, she said, any startup that still relies on standard passwords needs to ensure that it has an abuse team set up to deal "with customers getting compromised."Adkins, speaking alongside Kleiner Perkins Caufield & Byers managing partner Ted Schlein and author James Bamford, said that looking ahead, "our relationship with passwords are done," and that "passwords are done at Google."
Although Adkins didn't offer any real specifics on how Google will innovate beyond today's security, she did say the company is experimenting with hardware-based tokens as well as a Motorola-created system that authenticates users by having them touch a device to something embedded, or held, in their own clothing. "A hacker can't steal that from you," she said.