Passwords on the fly

Remembering usernames and passwords is the bane of many an Internet user's existence

December 20, 2008
Passwords on the fly

Remembering usernames and  passwords is the bane of many an Internet user’s existence. Facebook, MySpace, Google, banking websites, tax e-filing and online e-mail services all require people to remember a long list of login credentials.

The solution for most people is to write down these details or save them in a text document on their computers. But this is insecure and, as anyone involved in IT will tell you, a terrible idea.

Password-based systems are inherently not secure anyway. Passwords are often easily guessed and keylogging software can be used to steal people’s login details.

Stellenbosch-based entrepreneur Justin Stanford hopes to solve the problem. Flush with "many millions" in funding from billionaire businessman Johann Rupert, Stanford’s company, Fireflight, has developed one-time password software for cellular phones that he hopes will gain traction not only in SA but also in international markets.

Stanford heads an investment group called the 4D Innovations Group. He says: "Johann [Rupert] and I have always spoken about getting into business together. We concluded a deal whereby he would personally back Fireflight, and there are other projects we are going to be looking at doing together."

Fireflight, which is within spitting dis tance of another successful technology start-up, the cellphone instant messaging company MXit Lifestyle, began work on the one-time password, or OTP, system more than three years ago. Originally conceived as a low-cost solution for authentication for online banking, Stanford and his team quickly realised it had far bigger potential.

Here’s how it works: you download the Fireflight software from the company’s website – www.fireflight.co.za. Then, whenever you go to a website that uses Fireflight’s OTP, you simply fire up the application on your phone to receive a password. No information is transmitted over the air; rather the system uses clever mathematical algorithms to match the password on the phone and on the Web server.

As with the banks’ OTP systems, the password expires almost immediately.

Stanford describes Fireflight as a "universal personal authenticator". It will run on almost any cellphone. "We worked hard to make sure the application looks consistent across multiple platforms."

To ensure the product gains traction internationally, Fireflight will give away what it calls a FireID token. This can be used to log on to websites that use OpenID authentication. OpenID is a single sign-on standard for websites and is used by the likes of Google, Microsoft and Yahoo to varying degrees.

Sybase has signed up as a distributor in SA and the company is also in talks with a large, listed IT company. Fireflight has had discussions with potential distributors in North America and Europe as well.

Jenny Dugmore, former head of Sybase’s Western Cape operation, has been appointed Fireflight CEO. Other key members of the team are Malan Joubert, the technological architect of the software, and Erik van Vlaanderen, chairman of the 4D Innovations Group.

Password remembering discussion

Free Email Newsletter:
Subscribe

Shutterstock is the image partner of MyBroadband – technology images can be found here

Join the conversation

Connect with MyBB

twitterfacebookandroidappleblackberrynewsletterfeed

Poll

Do you think South Africa should invest heavily in solar power instead of coal fuelled power stations?

View Results

Loading ... Loading ...

More News

Biggest ever solar power plant in South Africa

CSP technology

The planned 100MW Redstone concentrated solar thermal power plant will be the biggest in South Africa

Firefox drops Google for Yahoo

Red Panda Firefox

Mozilla has announced that it has dropped Google as the default search engine for Firefox in a number of territories

Second Eskom coal silo cracked at Majuba: Solidarity

Majuba silo collapse

Trade union Solidarity has warned against Eskom’s continued denial regarding the actual state of its coal storage silos.

Anti-Cell C banner owner off bad credit list: report

Original Cell C billboard

George Prokas is no longer listed as a slow payer with the TransUnion Credit Bureau, according to a report

Free MyBroadband Newsletter:
Subscribe
X
bool(true)