The race has been on for some time now to find a replacement for Online passwords.
There’s a startup called Clef that claims to replace passwords on the Web. The service it offers as replacement to a password is – walk up to any computer in the world, hold up your phone, & Clef instantly logs you in. Clef is secure, passwordless 2-factor alternative, thanks to available modern cryptography tech.
Clef uses secure public key algorithms that developers rely on to safely access servers via SSH, but wraps them in a package that’s simple & tolerant of user error. Clef’s architecture uses mobile devices to create cryptographic credentials, manage public keys in the Cloud, & securely store private keys.
When a user logs in with the mobile app Clef, their smartphone generates an RSA digital signature using the RSA-SHA1 algorithm. You need to scan your phone across your computer screen till the Clef server verifies this signature & completes authentication using an OAuth2.0 handshake. When you use Clef, you create a digital key that never leaves your phone. Clef uses that digital key to generate a new signature every time you log in. Sync with Clef Wave to send your signature and identify yourself.
Actually, the Clef app generates a public & private key. The private key stays on the phone to generate signatures that uniquely identify you. With all the important details distributed to your phone, nothing in the Clef database can compromise your identity.
While Clef for WordPress-based Sites is apparently quite popular, the California, USA-based startup says they recently introduced Clef to Content Management platform Joomla.
Clef already powers logins for more than 9,000 Sites & has posted a 46 % average Month on Month growth for 6 months since January 2014.
Image Credit: Clef
Advertising Message