Google Starts Testing Password-Free Logins Using Your Phone

Passwords -- especially weak ones or those used across multiple systems -- can create all kinds of vulnerabilities and security headaches for people and businesses. That's why Google is now testing an alternative way for users to log into its services.

The test was brought to light yesterday when reddit user rp1226 posted documents and screenshots from Google's experiment on the Android subreddit.

The system being tested works like this: After entering an e-mail address on Google's login page on a computer, a user's phone is sent a notification asking if he is trying to log in. Upon answering, "Yes," the user is then prompted to indicate by phone which number is displayed on the computer sign-in page; choosing the right number automatically logs the person in.

Growing Use of 2FA

Google's experimental login system works much like the Account Key method launched by Yahoo in October. Available on iOS or Android devices, the Account Key login option for mobile Mail app is "more secure than a traditional password," according to Yahoo.

Many tech companies are looking for alternatives to old-school passwords that can be easily guessed, stolen or hacked. Another strategy being used to improve security is two-factor authentication (2FA), which requires users signing in by computer to verify their identities via second devices, usually smartphones.

For example, Amazon last month introduced a two-step verification process in private beta. Viewed as a way to add an extra layer of security for users, two-factor authentication has also been available for some time for users of Google Gmail and Microsoft Outlook, among others. Google did not respond to our request for more information about its password-free login test.

Password Pain on Help Desks

While many in the tech community have been predicting -- and agitating for -- an end to traditional passwords (Microsoft CEO...

Comments are closed.