Passwords are a real pain – no two ways about it. There are however some interesting technologies emerging which are disrupting the authentication space and in some rather creative ways. Case in point, San Francisco based identify startup Clef.
Clef has just officially rolled out its mobile app and is aiming to replace the less secure one-factor identity authentication (user name and password) system with a visually dynamic login pattern. Essentially, Clef acts as a replacement for usernames and passwords by letting you use your phone to identify yourself.
When users visit any site within the Clef network (just 250 sites are currently integrated – see below for some), they will be able to login with one click (more technical details below). Clef’s architecture uses a combination of paired mobile devices, cloud-based data services and 2048-bit asymmetric key cryptography for maximum identify protection. Sort of makes usernames and passwords look like wagons and buggy whips.
Once users download the app (available for both iOS and Android), they set up a secure digital profile which enable them to send their own personal digital signature to any site they’re logging into. When that user visits a site integrated with Clef, they select the “Log in With Your Phone” button to activate the Clef Wave, a unique visual pattern signal. Holding their phone to the computer screen then sends the digital signature and activates a new session.
Websites that currently use Clef include StackOverflow, StartupExchange, HootSuite, LiveJournal and Wordpress. In fact, there’s even a Clef plugin for Wordpress. http://wordpress.org/plugins/wpclef/
“Clef is leveraging the mass adoption of smart-phone technology to make an identity platform for the modern web, by creating a totally new approach to logging securely in online. We've built a mobile app that enables any site to recognize a user based on their personal smart-phone, instead of credentials they have to remember or type,” said Brennen Byrne, CEO of Clef. “Clef puts military grade cryptography in the hands of every user — and it's infinitely more secure then what currently exists for consumers.”