The second pioneering work brassiere to eliminate the password

In December 2011, CSDN leak scandal erupted, 6 million database user password in clear text circulated on the Internet.

In May 2014, millet community 8 million users password data leaking out.

After 3 years, our network security has not become better, password leaks continued to bang every now and then a domestic Internet companies spread. Only positive changes may be right, and in third-party vulnerability reporting platform, more and more weak password admin problems come to light, we can better see how their personal information is being protected.

Is it possible that change the situation? Webmaster legend bra decided to come out of the circle, his second startup item “onion” (www.yangcong.com), die striking user password security.

“As long as the sites and users to use this product, even if the site database is stolen, or if the user uses a simple password like 123456, hackers cannot log on his account. “He said.

Bras, formerly known as Wu Hongsheng, founder DNSPod. DNSPod is the largest domain name resolution service providers, with over 60% of Web sites using their services. Network infrastructure in the country has been lagging overseas DNSPod is one of the few to stay ahead in the global services. Disney Samsung Galaxy Note 4 case

Secondary authenticator

Onion is a kind of service? Tell is divided into two parts, one is the validator, the second is the universal login.

People familiar with Google, Linode account will know that they have a “secondary verification” function, after opening in a non-trusted devices to log on, in addition to the password you need to enter an extra code. The code generated by the algorithm, and change automatically every 30s.

QQ in China, Alipay has a similar service, QQ Security Center, respectively, paid baby. In addition, the online bank u shield is actually a hardware version of the second verification tool, but only used at the time of payment.

Google open source their own Authentication Protocol II, construction of many companies in the industry are based on the service, such as Linode, Evernote, Amazon AWS, millet at home etc. Validator Service is based on the Google deal to build an onion, all interfaces consistent verification code can be managed by the same App.

To see how onions are done: 2C, it is a App, you can manage their secondary verification code, you can also manage other; 2B, it can be for Internet companies under the BAT provision of certification services, as a general purpose interface.

In the onion App, bound a lot of account number validator

Ma Yiling told Lei feng, co-founder of the onion: “since the entire team focus on the product, our service better than we do. Such as security, many teams might be one or two people staring, no one is also common; for example experience, the second password entered is a cumbersome process, based on smart devices collecting environmental data now, we can do more verification. “The onion App currently provides a reliable Wi-Fi authentication, fingerprint recognition, face recognition, and so on.

Universal login

Only “non-trusted devices on the secondary code”, is one user account is safe, but the pattern is limited, user experience and could not get through.

Onion’s imagination in “universal login” section, official call identification and biometric user authentication based on cloud services. On the App side is “security sweep sweep” module.

Enter the App interface, “security sweep sweep” occupies the most prominent position

Ma Yiling says: “you see a lot of sites, forums, on the login screen ‘ app logon ‘, ‘ you log in with Twitter ‘, onions login also appears there in the future. “Onion logon experience and micro-letters of similar, are by scanning the QR code.

Maybe you will feel fantastic, an unknown product, but want to do general account system, but this is not impossible, especially in market segments.

“Our advantage is more focused, onions make a living. You see, we are now mobile has done a cross-platform support, but QQ, Alipay in the secondary authentication on the Windows Phone is missing. We have for decades, to do research and development account security system, even for those larger companies, which invested only in key business, account obviously only a small part. “Ma Yiling says. He also disclosed that the onion has access UCloud, the Chinese network, the new network, webmaster, website services platform account system, and provides security verification services.

As a partner, UCloud Yong Fang Lei Feng NET interface people said, he saw the Onion’s first impression is “a product that can help enterprises address business security issues. “Sensitive processes such as UCloud will be logged into the onion, and recommends to its users.

“Said Tencent did not know the enterprise is overblown, but true. “An anonymous source close to company said,” some products are really good, but all the outsourcing that how to play? Guangzhou app, doing well in the enterprise market, willing to open data. ”

Onions are also typical of the star team, innovation works value bra Wang Hua, a partner’s personal experiences, Angel rounds had voted for millions. Innovation works docking Jiang Cheng Yan Lei feng’s network of investment and management said: “as long as onion 10% share in the market even opened. ”

Key-free era

But that takes time, and it may be a long time.

“Despite the accumulation of DNSPod and brassiere network, but want to open the picture needs to wait, we need to use the onions become a trend. “Ma Yiling says. Disney Galaxy Note 4 case

The reason, in engaged in the Internet, security is not a top priority, nor that didn’t understand the technical and operational security personnel.

Facing this dilemma and Mozilla Persona and FIDO Union, as well as the early martyrs. Mozilla vision can help verify the browser, users only need to enter your Email on the line, but behind this programme, more than you can imagine the complexity of technology, Mozilla cannot push; FIDO is the emphasis on biometrics and trusted hardware, given their options, currently recommended standard only to method, interaction and recognition technology will take a lot of time.

Biometrics also has its problems. Do the best in the market at the moment is Apple’s fingerprint identification, theft problem it is also nothing, only controlled App Store.

First let us experience the secret-free era, also Google, FB, these hundreds of millions of QQ and millions of user account system.

Ma Yiling says: “Although a lot of imagination, our primary objective now, is still making a decent third-party validator. For those users with large overseas key account groups, changing phone, reinstall the revalidation really trouble, they would have been impatient, onion initially wanted to take advantage of this group of users. ”

“I cannot predict the outbreak period, so I have more to do now. ”

313 votes

GoPro Hero4 Black

GoPro Hero4 a completely “upgraded”, finally won the 30fps in 4K under the resolution of standard definition, can really take 4K HD movies. 2.7K resolution and to support the 50fps smooth quality; in the most commonly used format to 1080p, GoPro Hero4 boldly open up 120fps.

View details of the voting >>

Like this:

Like Loading…