Four Leading U.S. Phone Carriers Working on ‘Project Verify’ to Limit App Passwords

Password use is getting so out of control that the big four U.S. cell phone service providers — AT&T, Verizon, T-Mobile, and Sprint — are working on a way to limit it. It’s such a problem to them that they’re not working on this independently and are actually working together to develop a new system to limit app passwords. Called “Project Verify,” the system could be rolling out very soon.

The Current Password System

It’s easy to see how it all got out of control. When the Internet first really took off, that was how we kept our accounts safe, with passwords. But having a couple passwords like we did back then is much different than having a password for every software, websites and app that we used today.

But the software, websites, and apps just wanted to help you keep your accounts safe. Before long there were so many apps that it became a danger to use the same password on every site.

It was suggested that we create a unique password each time to keep our devices and data safe, but that clearly got out of control too quickly, leading to the creation of password manager services/apps that would remember all your unique passwords.

But the big four cell phone service providers don’t like this. They don’t want you to have to have a different password for everything you do on your device.

news-project-verify-dialog-box

Project Verify

AT&T, Verizon, T-Mobile, and Sprint are working together on “Project Verify,” a new way to manage passwords that they hope will make it easier to work with the password situation while still retaining that security.

The cell phone service companies aren’t quite ready to unveil this new project yet, but there are some details that have been released. Instead of authenticating with the use of a password, the idea is to use other details that are unique to you that the phone carrier already has, such as your phone number, IP address, SIM details, etc.

Digital Trends reports that a marketing video shows that Project Verify will be an app that allows users to manage their own passwords from their phone. This could mean trouble for password manager apps such as LastPass and 1Password.

It’s also thought that Project Verify could be the second factor in two-factor authentication, and this would make it safer than using a verification code that is messaged or emailed to you.

There hasn’t been a specific date mentioned for the Project Verify app launch, but it was suggested that it could be soon.

news-project-verify-welcome

Still Some Questions

The premise of Project Verify sounds great, but there are still some questions regarding how it will work.

While these factors they are going to use to authenticate you are indeed unique to you, some aren’t things other people don’t know or can’t find out. Using your phone number would be silly. You may as well be using “password123.” But maybe in whatever way it’s being used, it won’t matter if it’s something someone else could figure out.

Additionally, there are going to be users who don’t want to put their trust in carriers to keep them safe. Assumably, they should have been doing that all along. People in general lodge complaints about their cell phone company, so they might prefer to stick with a password manager. How will the providers get around that to gain everyone’s trust?

But the biggest question is what would happen to your account when you sign on to a computer that the cell phone provider has no connection to. What if you have a service that you use on both your computer and your smartphone, such as Dropbox? You won’t need a password for it on your phone, but you would still need one on your computer. So that makes it seem like it would just complicate everything

What do you think of the proposed Project Verify app from the U.S. cell phone service providers? Do you trust them to keep your accounts safe? Will this make you feel safer? Or would you prefer to stick with a password manager or with whatever system you currently use to remember/manage your passwords? Add your thoughts in the comment section at the bottom of the page.

One comment

  1. “But the big four cell phone service providers don’t like this. They don’t want you to have to have a different password for everything you do on your device.”
    Why? Is it perhaps getting too hard for them to spy on their users?

    “the idea is to use other details that are unique to you that the phone carrier already has, such as your phone number, IP address, SIM details, etc.”
    Thus making it easier for them to access your data.

    All kidding aside, this initiative is badly misguided. One of the basics of setting up access privileges is to use a convoluted/complex password, rather than personal data. Limiting identification to personal facts contravenes that. It makes it much easier for hackers to crack user accounts.

    “What do you think of the proposed Project Verify”
    It sounds like something conceived by the government’s alphabet agencies. Since there is a strong pushback to the idea of backdoors in programs and devices, they figure that having the carriers limit the access codes to known information, it would make getting into phones easier for them.

Comments are closed.