In the near future computers should make users scan their palms and retinas before letting them in, Homeland Security Department chief Michael Chertoff suggested Wednesday.
Passwords and Social Security numbers are already antiquated, so easily stolen or cracked that they're virtually useless as security measures, Chertoff said during a roundtable discussion with bloggers in downtown Washington, D.C.
Internet users need a "paradigm shift" in the way they think about personal and corporate security, said Chertoff, who as a Justice Department lawyer in 2001 helped design the bundle of counterterrorism measures that became known as the Patriot Act.
"It's another initiative we've talked about," he said.
"Part of what we need to do is we need to change from a model in which your assets are controlled by your, for example, your Social Security number, which is a very weak way to control your assets, to a way in which your assets are controlled by some combination of a biometric, a token, and maybe some secret knowledge that isn't kept in a database," he said.
"If you -- bear with me for a second -- If you had a system where in order to access my bank account you had to use my biometric and a token as well as a number, it wouldn't matter if you stole the number, because the number wouldn't do anything for you. It would be like having my name. It doesn't do anything for you...." he said.
"But in the long run, I think you want to move away from a model which I consider inherently vulnerable, where the very information that you're trying to protect is the information you have to disseminate in order to validate yourself. So ... the more effective use you make of the information, the more vulnerable you become," said Chertoff, who gave up a lifetime job as a federal judge in 2005 for the homeland security job.
"I'm suggesting we paradigm-shift," he said.
![[RSS]](http://blogs.cqpolitics.com/templates/images/rss_icon.gif){kind=icon}
![[ARCHIVES]](http://blogs.cqpolitics.com/templates/images/archives_icon.png){kind=icon}
Post A Comment