Of course, for now, passwords are necessary. But there is always the chance that hackers might steal the password, even after the best security.
Facebook (NASDAQ:FB) wants to change all this. Facebook says it wants to protect you, by making the passwords useless. "With Delegated Account Recovery, people can ensure they have a reliable way to regain access in extraordinary circumstances, using strongly attached accounts, without sharing personal information", Facebook explained on its developer website. This will be the backup security key if you have forgotten your password on different, non-Facebook services.
The idea is that if you forget your password to an app or a site, you can use Facebook to verify your identity. Facebook says it plans to open-source the technology, so eventually you will see more companies use it. "Right now you tell your mother's maiden name to 500 different places and if any one of them gets hacked, then you're vulnerable everywhere". Facebook says that this approach is "more secure than a password reset email, and more stable than a phone number". Text messages are unencrypted.
Rather strangely, Hill also stated that this feature would "benefit people just beginning to use the internet, who may have Facebook accounts but not an email or phone number". There will be safeguards in place to insure the tool is not misused, such as a limit of third-party sites that can be recovered at a time, plus alerts of suspicious activity. If, say, Facebook knows you always log in via your iPhone in California, an attempt from Russian Federation on an Android will be flagged. Facebook will use your information to show you advertisements. Facebook will know you use the bank's services, but it doesn't know anything about your bank account. It can be scary.