NSTIC director: 'We're trying to get rid of passwords'

The federal government's National Strategy for Trusted Identities in Cyberspace (NSTIC) program, set up this spring, is making progress against its goal of identifying and supporting more secure alternatives to simple passwords that the government as well as anyone else might use in authenticating to online applications.

"We're trying to get rid of passwords. It's time for something better," says Jeremy Grant, senior executive adviser at the National Program Office for NSTIC, located at the National Institute of Standards and Technology. The federal government, he says, can lead in working with industry on better types of authentication for large-scale use that may be deemed preferable to passwords. The next step in this project involves setting up a steering committee with industry to foster consensus on standards and guidelines, with a slew of pilot projects expected next year, based on current budget expectations. Though the budget process is not complete, the Obama administration has $25 million allotted for the NSTIC program, and out of that, "$17.5 million is for pilots," says Grant, adding, "We haven't published yet what the criteria will be." However, the idea at present is to conduct about half a dozen pilot projects for strong authentication, making the funds available perhaps through a grants process.