PayPal’s top security official is on a quest to kill passwords.
“Our intention is to really obliterate, within a certain number of years, both passwords and PINs and see the whole Internet—including internally in enterprises—obliterate user IDs and passwords and PINs from the face of the planet.”
That’s what Michael Barrett, chief information security officer at PayPal, told the network industry today at the Interop conference in Las Vegas. Barrett’s second job is as president of the FIDO Alliance, a recently unveiled consortium trying to create an open standard that could replace passwords. Google, Lenovo, and other companies have representatives on FIDO’s board of directors.
FIDO, which stands for Fast Identity Online, would work by requiring users to authenticate to their smartphone or other personal device, which then authenticates to a website (such as PayPal) using FIDO’s protocols.