Juan Lang
Juan is interested in making the web a safe place to visit. He currently works on protecting users from having their accounts taken over. For three years, he led the team developing strong second factor authentication. Prior to working at Google, he worked at a number of startups. He received his PhD in computer science from the University of California at Davis.
Authored Publications
Sort By
Preview abstract
The security of online user accounts is often protected
by no more than a weak password. We present “Security Key”, a second-factor device based on open standards that protects users against phishing and man-in-the-middle attacks. The user carries a single device and
can self-register it with any online web service that supports the standard. The devices are simple to implement
and deploy, are not encumbered by patents, are simple to
use, privacy preserving, and secure against strong attackers. We have shipped support for Security Keys in one of
the mainstream web browsers. In addition, multiple device vendors produce security keys.
In this work, we demonstrate that Security Keys lead
to both an increased level of security and user satisfaction by analyzing a two year deployment which began
within our 50,000 person corporation and has extended
to our consumer-facing web applications. The Security
Key design has been standardized by the FIDO Alliance,
an organization with more than 170 member companies
spanning the industry.
View details
