X

Forget your password? Use your phone

FireID system creates unique passwords for mobile apps for Java-enabled phones.

Elinor Mills Former Staff Writer
Elinor Mills covers Internet security and privacy. She joined CNET News in 2005 after working as a foreign correspondent for Reuters in Portugal and writing for The Industry Standard, the IDG News Service and the Associated Press.
Elinor Mills

FireID was set to announce at RSA 2009 on Monday technology that allows people to access multiple Web sites on their mobile phone without having to remember all the passwords.

The FireID universal personal authenticator app turns any phone that runs Java into a one-time password generator and generates the password directly on the phone instantly so there is no risk of it being intercepted and no waiting for an SMS like with other password-generator systems, said Jenny Dugmore, chief executive of FireID.

The system also works with multiple applications and creates a unique encrypted password for each session. It identifies the app and the make and model of the phone and downloads a version of FireID that is specific for that phone rather than a generic version.

The only password the user needs to remember is the one to access the FireID app.

FireID runs on any phone that can run a Java app, and the technology is compliant with the open authentication standard so organizations using key fobs can use it too, Dugmore said.

There is a Blackberry version of the FireID app. Apple is testing it on its iPhone and FireID is in talks with Google, said Dugmore.