Hi Friends,

Even as I launch this today ( my 80th Birthday ), I realize that there is yet so much to say and do. There is just no time to look back, no time to wonder,"Will anyone read these pages?"

With regards,
Hemen Parekh
27 June 2013

Now as I approach my 90th birthday ( 27 June 2023 ) , I invite you to visit my Digital Avatar ( www.hemenparekh.ai ) – and continue chatting with me , even when I am no more here physically

Saturday 15 February 2020

Password Paralysis ?




All of us have created dozens of passwords – to log into Search Engines / E Com web sites / Mobile Apps / Fintech Apps / Govt web sites / Banks / News web sites / Travel sites / Service Providers web sites ( mobile – internet – electricity – gas etc )

And keep clicking “ Forgot Password ? “ link , every now and then

Some of us store these passwords on a piece of paper

Others store in a Excel sheet or in some “ Password Storage Software “

But all of us hate to remember these umpteen passwords

So, this news brings a lot of relief :

Apple joins Fido Alliance, commits to eliminate passwords  

Extract :

Besides Apple, most technology giants including Amazon, Facebook, Google are board members of the alliance which wants password-only logins to be replaced with secure and fast login experiences across websites and apps using the emerging standard WebAuthn

WebAuthn stands for Web Authentication – and briefly described as follows :
This specification defines an API enabling the creation and use of strong, attested, scoped, public key-based credentials by web applications, for the purpose of strongly authenticating users.
Conceptually, one or more public key credentials, each scoped to a given WebAuthn Relying Party, are created by and bound to authenticators as requested by the web application.
The user agent mediates access to authenticators and their public key credentials in order to preserve user privacy. 
Authenticators are responsible for ensuring that no operation is performed without user consent
Authenticators provide cryptographic proof of their properties to Relying Parties via attestation.
This specification also describes the functional model for WebAuthn conformant authenticators, including their signature and attestation functionality. 
--------------------------------------------------

Hey , I don’t understand a word of this !


But that did not deter me from suggesting following methods, whereby Indians can login to any web site , by just one click !

Without waiting for FIDO Alliance to convince all the web sites of the world (1,295,973,827 according to Netcraft's January 2020 Web Server Survey ) to adopt WebAuthn , Shri RaviShankar Prasadji could deploy one of the following methods :


[ A ]

With appropriate law, mandate all web sites to display the following message for user login :

 “ Log me in with  www.IndiaDataCustodian.gov.in


To know how we can do this, without waiting for acceptance of WebAuthn , read :

Digital Dividend from Demographic Data [ 4 D ]


Related Readings :

SARAL  (  Single Authentic  Registration Anywhere Login  )

Only Answer ; a Statutory Warning 

   A  Matter  of  Motive  ?  
  
     Privacy  for  Sale   

Right to Sell My Soul ? 

 

Wealth of Nations   


===============================================================================

[ B ]

Launch a portal “www.SUIIC.gov.in 

[  SUIIC =  Single Unified Identity for Indian Citizen )

as described at :

I am One , I will become Many


-          Where I suggested the following process :

Ø  Any citizen can download the mobile app , YUP = Your Unique Profile ( absolutely VOLUNTARY ) , open it on his smart phone , enter his mobile number / E Mail ID and take a SELFIE of his own FACE


Ø  The Mobile App will automatically and instantly, upload the FACE IMAGE onto SUIIC database and the matching YUP of that person


Ø  SUIIC will embed into the FACE PHOTO , all data of all the CARDS ever issued to that person ( using STEGANOGRAPHY ), and send it back to the owner’s mobile phone

=========================================================

Is this feasible ?

Seems so ! Here is evidence :

“ Today, Intuit’s users sign into its portfolio of mobile apps seamlessly with unique biometric identifiers like their fingerprint or facial recognition patterns, or even your phone’s passcode.

And Intuit’s login process isn’t just more convenient. It offers another level of security – thanks to FIDO Authentication.

[ source : https://fidoalliance.org/the-right-mix-intuits-journey-with-fido-authentication/  ]

=========================================================

Any Beneficial Bye-Products of this suggestion ?

Following the “ Law of Unintended Consequences “, at least two , viz :

Ø  Each Indian can earn up to Rs 30,000 per month, simply from logging in on web sites !

          [ read : https://myblogepage.blogspot.com/2019/02/saral.html  ]

Ø  With aggregation / compilation / standardization / normalization, of PERSONAL DATA of our entire population, government can do away with CENSUS – CAA – NPR – NRC etc .

========================================================

Dear Shri RaviShankar Prasadji,


I urge you to seize this opportunity of making all opposition to CAA – NPR – NRC etc., irrelevant , by holding a COUNTRY-WIDE REFERENDUM as follows :



“ Should the Government launch a Digital Initiative to enable you to earn Rs 30.000 pm ? “

 [  YES  /  NO  ]



With regards,

Hemen Parekh
========================================================
16 Feb 2020
hcp@RecruitGuru.com
=========================================

Added on 30 April 2023 :


Passkeys Unlock a New Era for Authentication




Posted by

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)