Password Authentication Coming

One day soon we won’t be using passwords, we’ll have a cryptographic card or some other token-like authentication. Robert McMillan in Wired (Jan 18)  –  Google Declares War on the Password  – summarize points made by Google Vice President of Security Eric Grosse and Engineer Mayank Upadhyay about the future for online security.

Thus, they’re experimenting with new ways to replace the password, including a tiny Yubico cryptographic card that — when slid into a USB (Universal Serial Bus) reader — can automatically log a web surfer into Google. They’ve had to modify Google’s web browser to work with these cards, but there’s no software download and once the browser support is there, they’re easy to use. You log into the website, plug in the USB stick and then register it with a single mouse click.

What if we lose the token?