Google tests password-less login on the web using phone authentication
Google is renowned for protecting the security of its users.
To do this it uses various kinds of options, including the recently launched Password Alert extesnion, and the good old mobile authenticator apps.
This 2-way authentication, or 2-factor authentication as it is reffered to, helps protect the user’s Google account from being hacked by adding an extra layer of security.
But this method involves logging into the account using the regular password, which will actually trigger a prompt asking the user to enter a backup code which can be received using the mobile app mentioned abiove, or a code which the user could have backed up earlier, or get a new code through sms/phone call.
What if there was a way to login to your Google account without entering the password for it?
That is exactly what Google is working on. In fact, the Mountain View company has already begun testing the feature. Rohit Paul, an Android user who goes by the name rp1226 on Reddit, posted some screenshots which show how the new feature works.
You may have noticed that Google changed the login system on its website, earlier this year. It doesn’t ask you to enter the password on the first page, instead it asks you to enter the username and click on the next button. The user will then be required to enter the password on the next page.
The new password-less login system, will not do the second step mentioned above. When a user enters their username to login, Google will display a number on the browser, and send a notification to the user’s phone, more specifically, an Android phone. This notification will ask the user to tap the number in the message.
This will grant the user access to their account, without the password.
Venturebeat says it questioned Google about this, and got a confirmation in the form of the following statement:
“We’ve invited a small group of users to help test a new way to sign-in to their Google accounts, no password required,” a Google spokesperson told VentureBeat. “‘Pizza’, ‘password’, and ‘123456’ — your days are numbered.”
This system is pretty exciting, and will improve the security of Google accounts drastically, as the user’s password is safe from any threat including keyloggers, phishing methods, and identity theft attacks. It is unclear as to when Google will enable this for all users, or if at all. Hopefully we will see it in the near future.