Even though they are insecure, passwords are still the main form of authentication available on the web. There are several reasons for this. Users are used to passwords, and trust them. Teaching them to use something new requires time and effort. If users don’t see the benefit of a new system, they will continue using passwords. Services have been using passwords for ages. Using a different method requires a significant effort (in terms of time and other resources). Moreover, authentication systems form a two-sided market with cross side effects. This creates the chicken-egg dilemma that users will not migrate to a form of authentication that is not offered by a significant number of services, and services will not offer a new authentication method if no users use it.
The challenge is to break this vicious cycle. And UbiKiMa aims to achieve just that.
Read the rest of this entry »