Google tests password-free logins
Google confirmed that it is experimenting a new way to sign into Google account without typing in a password.
Instead, similar to Yahoo's recent "Account Key" feature, Google arranged for users to receive a notification in their smartphone that would authenticate the login, reports techcrunch.com.
Since passwords are case sensitive, thus the new two-factor authentication – i.e. using a USB stick with a secret token or entering in a code sent via text method to your phone, increases security, however many terms it a hassle as such procedures introduce additional steps to the login process.
But, this new password-free login option is actually about speeding up logins by offering a different way of signing in altogether.
Now users will only have to enter their email address while signing into Google account. A notification will appear on the user's phone asking if logging in from another device has been attempted. The user would only need to tap on "yes," to complete the procedure.
This would be especially useful for those who always have their phone nearby while using Google services on other devices, like their computer, as well as those who have long and complicated passwords that are difficult to type.
It could also help to protect against phishing, something that Google addresses today through its Password Alert tool, too.
The test was first reported by a Reddit user Rohit Paul, which was then spotted by the blog Android Police. According to Paul, he was sent an email invitation to join a test group being given access to try the new technology on their own devices.
The group is called "Sign-In Experiments at Google," and is found here on Google Groups. While the link to the group is public, users cannot view or participate without a direct invitation.
A Google spokesperson confirmed TechCrunch that this is, indeed, a new experiment underway, noting that:
"We've invited a small group of users to help test a new way to sign-in to their Google accounts, no password required. 'Pizza', 'password' and '123456'—your days are numbered."
After accepting the invitation and joining the group, the email explains that users are able to sign in without entering a password but they can continue to use their password if they choose. In addition, Google says it may choose to ask for user's password as an additional security measure if it notices anything unusual about user's current login attempt.
If the phone gets lost or stolen, Google advises users to sign into their account from another device and remove account access from the device which they no longer possess.
Google tells testers they are able to turn off this new means of signing in at any time, and the email Paul received notes that testers can leave the trial group if they do not want to offer Google their feedback about the sign-in process.
Google, however, did not comment on when it plans on expanding access to more testers or broader public. The password-free sign in process works on both iOS and Android at present.
Comments