Google Inc (NASDAQ:GOOG) and Facebook Inc (NASDAQ:FB) are joining the ranks of companies using physical tokens as a way to increase security for users on their websites. Microsoft Corporation (NASDAQ:MSFT) has also been working on this technology for some time.
Physical tokens required for Google, Facebook workers
The way these tokens work is simple. Users would have to plug them directly into their computers’ USB drives and then actually type in their password. Only the correct combination will give them access to their accounts on the sites. According to Express, they use a cryptographic card which stores security data which changes over time. Both Google Inc (NASDAQ:GOOG) and Facebook Inc (NASDAQ:FB) are apparently making their employees use these tokens, while Microsoft is still developing its own version.
Last month, hackers stole nearly two million users’ Facebook, LinkedIn, Twitter, Google and YouTube usernames and passwords. Adobe Systems Incorporated (NASDAQ:ADBE) also had its customers login information compromised within the last several months, and Facebook notified its own users if they were found to have used the same passwords on their Facebook account as they did on their Adobe account.
Blizzard uses authenticators
Google and Facebook aren’t the first companies to come up with the idea of using a physical object along with a password in order for users to log in. For example, Battle.net, also known as Blizzard, which operates the popular MMORPG and others, sells authenticators which can be tied to users’ accounts. After dealing with a rash of stolen accounts, Blizzard started offering the authenticators a few years ago.
To use the authenticator, they type their password into the game or the website. Then they are asked for the six-digit code from their authenticator. Each authenticator comes with its own ID, and every time the button is pressed, it provides a new six-digit number, so users are never entering in the same combination of passcode information twice.
People use “very dumb passwords”
A security researcher told MailOnline that people “are using very dumb passwords” which are “totally useless.” After analyzing the stolen data from the social networks last month, the most common stolen password was found to be 123456. The word “password” was another popular one, as were 123 and simply, 1.