Google’s war on passwords and security is reaching a new level, with news of a new feature that could end passwords for good.
reddit user Rohit Paul, who goes by username rp1226 on the site has posted pics of the feature he’s been invited to try out. The feature essentially lets you register a compatible phone which can then be used to authorise any login attempts on other devices. Rohit has added screenshots and a description of how the process works:
You authorize your phone to allow you to log into your account.
You go into a computer and type in your email. Then you get a message on your phone to allow the login. If you hit yes, the computer logs into your Google account without a password.
Rohit has also provided a full email that describes the whole setup to Android Police who have also followed up with Google and received confirmation of the new function, with Google saying:
We’ve invited a small group of users to help test a new way to sign in to their Google accounts, no password required. ‘Pizza’, ‘password’ and ‘123456’—your days are numbered.
While the feature is in testing, there’s only going to be limited access, but if all goes well perhaps we’ll see this roll out further in the near future.
What’s wrong with two factor authentication, such as Authy?
I’m a little torn on this.
Typing in a password to access my Google accounts is not a particularly big deal and so this approach only really comes into its own when it extends to all (or at least a sizable chunk) of all one’s other on-line endeavours that require passwords. However, the idea that it all becomes vulnerable the moment someone hacks into your ‘phone is a touch disconcerting!
Perhaps if it were to be restricted to phones able to verify the log-in with a valid fingerprint…