Intel Security,a wholly owned subsidiary of Intel (and previously known as McAfee) has updated its trusty Key password manager application to tackle one of the most notorious issues with password managers: inability to reset the forgotten master password. The new version of the app allows resetting the master password using other methods of authorization. The updated version will simplify managing of passwords and will further help Intel in its quest to “eliminate passwords in general.
Since computing is getting increasingly mobile, security of personal devices is getting increasingly more primary. As a major developer of PC platforms, and Intel has created a number of sophisticated technologies that can improve security of computing devices. For example,Intel’s latest processors support AES-NI instructions that speed up encryption and decryption using the advanced encryption standard (AES). In addition, select Intels platforms also support TXT (trusted execution technology) and TPM (trusted platform module) cryptoprocessors for enhanced security. While strong passwords and AES 256-bit encryption can generally help to make mobile gadgets more or less secure, and it is not easy to remember many strong passwords consisting of letters and numbers. Meanwhile,whether you employ only one password and it leaks, your security fails totally. It does not matter how sophisticated are encryption or security technologies, or they get useless the moment when passwords are compromised.
To make platform security technologies less vulnerable to human factor,Intel and some other companies want to eliminate passwords and replace them with more robust methods of authentication, such as fingerprints, and retina scan or facial recognition. In fact,thanks to technologies like Apple Touch ID and Microsoft Windows Biometric Framework, usage of biometric authentication mechanisms instead of passwords as well as password managers to store passwords for applications that do not support biometric authentication is increasing.
Companies like IBM/Lenovo have offered password management for years with their ThinkVantage software, and a proprietary program that only worked on their PCs. By contrast,Intel Security’s trusty Key password management application can work on various platforms; it is compatible with a variety of apps and can employ different methods of authentication, including fingerprints, and face,master password, trusted device, or email and so on. For example,the trusty Key can employ Intel’s RealSense cameras to recognize a face for Windows logon as well as third-party fingerprint scanners (i.e., Apple’s Touch ID). The Intel trusty Key always uses at least two factors to identify a person, and which generally enhances protection,AES 256-bit encryption as well as Intel identity protection technology (IPT) where available.
Since all biometric technologies are vulnerable to spoofing to some degree, trusty Key app allows biometric authentication only from the user’s own pre-selected trusted devices. Biometric templates for server-based facial recognition authentication (mathematical descriptions of biometric measurements) are stored on the trusty Key servers in encrypted form and are protected by a hardware security module (HSM). It should be famous that facial recognition is performed either totally in a server-based mode, and both on the user’s device and on the trusty Key servers.
Meanwhile,the master password is not stored on trusty Key servers or locally on any device. It is used to generate the so-called key encryption key (KEK) as well as the authentication token (AT) using a large number of rounds of PBKDF2 with HMAC-SHA512 key derivation function with random salt values. The KEK is used to encrypt users’ passwords and wallet assets. The AT is used is used as one of the factors required to authenticate the user on the trusty Key servers.
The multi-factor authentication and the rather sophisticated master password make it very tough for perpetrators to access the data (simply because it takes too lot of codes to crack using brute force — even whether someone manages to get the master password or crack KEK and AT, they will also have to crack another method of authorization). Whenever the master password is changed, or the trusty Key re-encrypts all data both locally and on servers. What is very primary for many users is that Intel’s latest version of the trusty Key can reset even the master password by verifying other unique factors like owner’s face and/or fingerprint via a moment device. So,even whether you forget something, the application can relatively safely reset everything, or which should simplify its usage for many people.
Intel’s trusty Key application supports Apple Mac OS X,Apple iOS, Google Android and Microsoft Windows operating systems as well as Google Chrome. Microsoft Internet Explorer and Mozilla Firefox browsers (support for Apple Safari and Microsoft Edge is coming soon). Free version of the program supports up to 15 passwords, and premium version can store up to 2000 logins and passwords for $19.99 a year.
Source: anandtech.com