So for this to work, the website has to be on board, the user has to be on board, the user has to have their phone present, the user's phone has to be in working order (camera working, network working), the clef server has to be running correctly, and the software has to be working correctly on [the user's phone, the website's frontend, the website's backend, and the Clef servers].
Current process: click login box, type, tab, type, enter.
With clef: click cleff box, find phone, unlock phone, launch clef app, hold in front of screen, wait.
All of this to create an "advantage" of not having to remember a password at the cost of probably 15-30 seconds longer login time and a login process with more brittleness, as many steps, and more complicated steps.
Is there a big advantage I'm missing, because right now this looks worse in almost every way and dubiously better in only one.
I say dubious because I wouldn't trust the system to work, so id still memorize backup passwords. But some people have higher trust and thus would get the benefit.
There are a few advantages you're not mentioning:
1) This is two factor authentication. I don't trust any of my really "essential" accounts like GMail or Coinbase without two factor. And all of the problems you mentioned around needing your phone are common to nearly all two-factor auth solutions.
2) More secure password. You won't be susceptible to many brute-force based hacking methods because your password won't be in any rainbow tables or anything like that.
How is this two factor? As near as I can tell, it replaces your password (something you know) with your phone (something you have). It doesn't add a second factor to the auth.
Two factor auth is defined as something you know plus something you have.
Two-step verification (also known as two-factor authentication) is a process involving two stages to verify the identity of an entity trying to access services in a computer or in a network. This is a special case of a multi-factor authentication which involves the presentation of two or more of the three authentication factors: a knowledge factor, a possession factor, and an inherence factor.
Their point was, there's only one factor here: something you have. There's no password you give the site. So it's one factor. It is probably significantly safer than just a password, since nigerian hackers can't steal your phone from a huge poorly secured database.... but it's still just one factor.
No, because you're not authenticating to the service.
Think about what would happen if your phone gets owned by some malware that escalates to root. It can simply log the PIN, extract the key and then login as it wishes. That's because the phone is the single factor for the service.
Compare that with the auth against, say, Gmail, where even if a malware were to own the Authenticator, it still couldn't login as you, since your password goes directly to the service.
I finally installed Google Authenticator on my phone yesterday because Digital Ocean utilizes it. It's great. Like RSA stuff, only more convenient. And hopefully given the response of Google's security people to NSA activity, more secure than the RSA stuff.
This thing basically looks like a more automated version of Google Authenticator. Cool, but meh, would it really change my life?
But maybe it would make a difference for the same market that feels like the iPhone 5s's fingerprint scanner is way more convenient than previous security mechanisms on the iPhone and so can never go back. I dunno.
Google's Authenticator 2FA system is based on an open standard [1], and can even be implemented on your own/other web sites. Given the open nature of the standard, that can be considered an additional safeguard against NSA exposure.
May I suggest you try the Authy[1] app for your phone. Its much prettier than GA, has a PIN screen lock, and can save your encrypted credentials in case you lose your phone. Plus, if you run OS X it will sync to your computer's clipboard via Bluetooth.
While this is cool, I don't think I can replace GA with this because GA is the one implemented by the services I use, yeah? I can only use this for services that implement this.
> all of the problems you mentioned around needing your phone are common to nearly all two-factor auth solutions.
Not true. From his list of problems, TOTP does not require the Clef servers (or any third-party server), nor does it require your phone camera or (more importantly) phone networking to be working.
And to make the comparison fair, you have to realize that this is not two-factor. There's only one factor (something you have) since there isn't a password requirement.
Lastpass used to work like that for me. Now it causes me about as much hassle as it saves me. It does not do a wonderful job of handling multiple accounts on single sites; I frequently find multiple entries in the vault for single accounts, only one of which has the correct password (and usually the username is missing), and there are a number of sites whose presentation seems to baffle Lastpass, either in the login screen or in form-filling.
Also, Lastpass doesn't seem to offer to do as much for me anymore. Maybe I screwed something up in my config, but I don't see an AutoLogin option anymore.
So I'm just about ready to abandon Lastpass if anything else comes along that gives me a user experience like Lastpass used to give me. I don't know whether Clef is that service, but I'm at least glad that someone is exploring the space.
+1 for LastPass. Saves a bunch of time. They're pretty damn persistent about doing security the right way -- they don't have the key to open your data.
Except that's a bandaid over existing solutions. It's hard to imagine in 50 years we'll still require people to remember both a user identifier plus a password.
It's a tough problem. Human memories are fallible, yet it's with you always. Passwords can be given to others, which can be convenient in many situations (something bio recognition can't do). Bio markers like fingerprints are left everywhere as CCC has demonstrated, or the markers themselves can change such as with Macular degeneration in eyes. Phones can be stolen or run out of battery, physical key cards lost, and centralized systems like RSA's SecurID hacked.
In a lot of ways the banks have it done best, with combining a replaceable physical object (loanable) with a short PIN (sharable and more memorable), and then throwing fraud detection on top of it. It's the last piece that's the best and also the least available for others to do easily.
The problem would be better addressed by having a turn-key solution that any company can easily plug into their code to detect fraud attempts on short passwords. Big hole waiting for a startup to fill...
Plus the notion of "which of my ten passwords did I use for 'xyz.com?", you end up exposing your other nine passwords to 'xyz.com. Not as bad as using the same password everywhere, but still. I wouldn't want to accidentally give my bank password to, say, a crappy online forum.
I don't think it's any more accurate to say the average case is having to cycle through ten passwords to login to a site. Generally, I remember my passwords for most sites, and for the few I don't get right on the first try, I'm usually able to get in by the second. And yes, I have more than two passwords I use.
Just about all the widely public 2 factor schemes out there leverage cell phones via SMS or another route, they all require your device to be some battery life.
None of the 2FA services that I use require me to use an actual phone. The phone number that I associate with 2FA services is set up to forward SMS messages to an email account that is dedicated to receiving only SMS messages from 2FA services.
How is that two factor any more? You've broken the security model. You now have only a knowledge factor, no possession factor.
The whole point of two-factor authentication is to make it so you need two things of two different types. You reduced this problem to having two passwords (two things of the same type).
I think that depends on the adversary. Against the NSA there might not be a major difference (depending on your email provider), but SMS is probably more secure in the typical case, as it is much more common for your run of the mill script kiddie/phisher/etc to get access to someone's email than their phone.
At least some mobile operators have "SMS archive" option, that can be enabled and accessible from self-service site. It requires some time to set up, but attacker with sufficient time, knowledge and patience may pull the attack relatively easily. No need for NSA-grade adversary.
(Even worse, until relatively recently they had used numeric passwords (those had to be set from a phone, using DTMF tone dial). This had changed only 3 or maybe 4 years ago. Wonder whenever that change was 2FA-related. :) )
They keep saying this is 2-factor authentication, but without the first factor (something you know e.g. a password) and going straight to the second factor (something you have e.g. your smartphone) they actually only provide a single factor for authentication.
This is of course less secure than true 2-factor authentication, and the web site is misleading in its wording.
> They keep saying this is 2-factor authentication, but without the first factor (something you know e.g. a password)
I always wonder about this even when there is a password. For most services, a phone compromise would be a total compromise. I rarely get prompted for a password on my phone (nor do I enjoy typing one when I'm trying to do something quickly.)
Well if you choose two-factor by sending the code to your SMS and your device is lost it is certainly doom. Just as if you lose your laptop there is a great chance someone with enough patient and skill can/may hack into an encrypted disk/brute force the login.
I dont see how that matters. You still need a password + one file (on the phone). SSH keys with passphrase are two factors as well in my book. In fact, I would say that not having to transmit the weakest part (the mnemonic password/pin) over the wire is a plus.
I asked this exact question to the team on Twitter a few days ago when I first heard about this. Their response[1] was that you need a PIN to unlock the app.
PIN is short (usually). Which means if somebody gets their hands on your phone, they need to only guess about 13 bits of information (for 4-digit PIN) to get access to every site you ever logged in with this phone. That provided they actually use the PIN to encrypt the data, not just to check access to it, in which case once somebody gets their hands on the phone, it's game over.
I am glad that people are exploring this space, but Clef is not the solution, IMHO.
LastPass currently fulfills similar requirements for me and actually speeds up logging into the site. Is it perfect? Absolutely not. But the UI works pretty well.
I'd like to see it improved by starting to support public/private keys. The idea that I can log into a site using my private key means that when I simply get one <input type="identity"> and then the browser or a plugin like LastPass provides the UI to fill it in. This would actually be much faster than passwords: you see the input, select an identity from a dropdown or autocomplete you'd like to use, and click "Go".
He said in his recent Security Now podcast that he had some breakthroughs in terms of how SQRL will work, so it will probably change quite a bit from how it's presented at those two links. He also said his solution is better than what the FIDO Alliance is trying to achieve, but we'll see when it's ready if true (it does sound like the FIDO Alliance has created a few adoption problems for themselves with the licensing and whatnot, though).
Actually, Clef was already developed and launched before SQRL was even announced. SQRL does, however, have many benefits over Clef, though the typical user interaction is similar.
I'm glad there's movement in this space. It's desperately needed. Password managers are great but difficult to extend to all use-cases. When a generated password cannot be easily copy-pasted, the whole system feels unwieldy.
But Clef doesn't seem to solve anything in that respect. It solves some of the same problems that password managers do but with extra environmental requirements.
I can see the Clef mechanism being useful for 2-factor authentification. But I'm unenthused with (and wary of) its current instantiation as a login skeleton key. If I were Clef, I'd set my sights lower and rebrand as a drop-in 2-factor auth system to be optionally enabled by users.
> Clef puts military grade cryptography in the hands of every user
This kind of line is deceptive for 99% of end-users and turns off the 1% who might be helpful as developers.
This is actually something we thought we removed everywhere. I just grep'd our repo, found one lingering instance, and committed it out (will deploy when the traffic goes down). We understand it's deceptive and recognize the need to communicate to our users why Clef is more secure than usernames and passwords in a straightforward way.
OMG this will make moving around the internet and logging into 100's of sites so much easier and faster... oh wait. find app, click app, wait for app to launch, scan screen..., scan screen again...,(damn it!) scan screen again holding further back and making sure it has focus, got it!. whew. that was so cool and easy. I'm so glad my Wordpress admin page has this level of security because what I say is THAT important.
Why not just have browser support for SRP as a standard type of form request or TLS-SRP? It's fairly well known crypto and doesn't require a 3rd party service to be active or access to a smart phone with an active network connection.
SRP doesn't solve the problem with having to remember (or store) good unique passwords for each site. It does help with the authenticating password over insecure connection but SSL solves that for most sites. It doesn't solve the problem of securely storing passwords; the value that is stored can be brute forced to get password and is equivalent to cleartext password for any SRP using site.
> It does help with the authenticating password over insecure connection
I'm not sure you understand what SRP is; it's built to be used over insecure connections.
> It doesn't solve the problem of securely storing passwords; the value that is stored can be brute forced to get password and is equivalent to cleartext password for any SRP using site.
I don't think you understand what SRP is; if you could do this, then public key crypto has a much larger problem then passwords and you should be worried about TLS as well.
Actually, it is just the opposite. According to wikipedia, SRP was carefully designed to avoid any current patents, and according to this stanford page[1], it is available commercially and non-commercially under a royalty-free license, along with a BSD-ish-licensed Open Source implementation.
I don't know if clef does this, but for SQRL (similar, but uses QR codes, is open source, and doesn't rely on a 3rd party), it relies on the fact that the website URL will be embedded in the QR code (along with a signature) and that the app will show that URL to the user for them to confirm.
This isn't strictly stronger than standard password MITM (phishing), because unattentive uesrs could still just click through without checking the URL or the https status. IMO it is still an improvement because it makes that step explicit, and gives us a chance to put some nicer UI and programmatic checks around it (warning about weird unicode tricks, high similarity to previously used domain names, ...).
Also, both Clef and SQRL use public-private key authentication, so if a bad guy does successfully MITM someone, they only get one session to do bad stuff as opposed to knowing the password and being able to re-authenticate wherever. Obviously this is pretty poor security (it only takes one login to empty someone's bank account...) but for some applications it might be significant - notably for websites require you to re-authenticate to take destructive action.
So one use case, where any phone based solutions are a bit off is: when you're travelling.
1. Phone in roaming and no network
2. Battery dying out.
It locks you out of using a bunch of services.
I had a really bad time when my flight to NYC got redirected to Tashkent and was stuck for 2 days. I couldn't logon to any services. My phone wasn't working, so i did not receive sms notifications i had setup. GMail(and FB and a bunch of others) all thought my account was being hacked and wanted me to verify via my phone or email. So i was stuck in a foreign country, with phone roaming not working, and no way to contact and let people know that where i was.
So i've definitely stopped using any SMS phone verification, i'm still hesitant to use Google Authenticator(although i've shifted most of the accounts to it), because my battery tends to die at odd times while traveling.
It's good to see advancement on the ux side of 2fa. Many of the other players in this space provide such a cognitive burden that scares average users back to passwords. I'm excited to see where this one goes.
I am so scared moving all my "right" to my phone. If my phone is stolen, that guy can browser my visiting sites history, and then try to use clef to login, payment...
You could still say this is 2-factor, I know my phone PIN, and I have my phone. It's interesting, yet not for me.
I'd rather keep with the SMS PIN's as part of my two-factor auth, no third party app required, no lost private keys.
Most people who jump on the 2-factor band-wagon care more about security then speedy access. They are willing to carry an extra device ( smartphone, smart card, USB key, etc... )
Security professionals have always distinguished three major potential factors for authentication:
- something you know
- something you have
- something you are (e.g. fingerprint / retina scans)
Part of the reason passwords have stuck around so long is that accurate and convenient enough biomarker device have been prohibitively expensive, and physical artifacts can be lost or stolen.
You can't put someone under sedatives to get them to reveal their password. To attack a password* you must coerce or trick a human brain into revealing it.
*Assuming various diceware-style caveats. Also, writing the password down and putting it anywhere other than a safety deposit box puts it back in the "something you have" category.
Interesting, but I couldn't find the answers to some questions on the site:
1. How much does it cost for the website / web application owner?
2. How much does it cost for the end user?
3. If nothing for either, how does Clef make money out of this?
Current process: click login box, type, tab, type, enter. With clef: click cleff box, find phone, unlock phone, launch clef app, hold in front of screen, wait.
All of this to create an "advantage" of not having to remember a password at the cost of probably 15-30 seconds longer login time and a login process with more brittleness, as many steps, and more complicated steps.
Is there a big advantage I'm missing, because right now this looks worse in almost every way and dubiously better in only one.
I say dubious because I wouldn't trust the system to work, so id still memorize backup passwords. But some people have higher trust and thus would get the benefit.
The animation is cool though.