NIST offering grants to get rid of passwords

Jeremy Grant, senior advisor for identity management, NIST

Jolie Lee | June 4, 2015 5:12 pm

A new federal grant could move you closer to getting rid of usernames and passwords. It’s part of the National Strategy for Trusted Identities. The money — $10 million in all for the grants — comes from the National Institute of Standards and Technology.

The password isn’t dead yet, but “we think it needs to be shot,” said Jeremy Grant, NIST’s senior advisor for identity management, in an interview with The Federal Drive with Tom Temin.

Passwords are the root of recent attacks — from fraudsters to cyber espionage, Grant said.

“It’s really outlived its usefulness,” he added.


The program could allocate funding to many different types of private developers: companies, universities, hospitals, nonprofits, state and local government — essentially any group besides a federal agency.

“We really want to stimulate activity of state and local government, as well as the private sector,” Grant said. “More importantly, we’d love to see some partnerships between them.”

Technology is not the only focus of building a safer, more secure environment for online transactions; consumer education and redefining online culture is also important, according to Grant. People must prepare for a life without passwords and log in names.

“The way we structured the grant program is really to be more of a challenge-based approach, looking at barriers that have been in the marketplace to date, whether it’s technology or overall solutions, to improve identity and authentication online,” Grant said.

A balanced approach is key when NIST considers how to allocate funding. A new security system must provide barriers to cyber threats, but not impede the flow of business and communication, according to an NIST release.

Grant proposals are due March 7.

(Federal News Radio’s Sean McCalley contributed to this report.)


NIST to fund pilots to improve online transactions

This story is part of Federal News Radio’s daily Cybersecurity Update. For more cybersecurity news, click here.