It’s no secret that Google hates passwords, as a result, they are now trialling a new system that allows you to log in to your Google account without the password. The only requirement is the use of your phone.
In a post on the Android subreddit, user ‘rp1226’ posted about his experience as part of the test group for this new system. The concept is incredibly simple, on a computer, you simply input your email address as you would normally in the login process, after that, instead of inputting the relevant password, you instead accept the login request from an authenticated phone. Instead of a password, the only challenge appears to be accessing the device and correctly selecting the number displayed on the computer screen from a multiple choice selection on the phone.
Whether this method of authentication is more secure than a password remains to be seen. If a user’s phone were to be lost, stolen or otherwise compromised, the user’s accounts could be accessed with ease, as the only challenge could be unlocking the device. And while it removes the ability for a password to be guessed or cracked, tieing account access to a physical item has its own risks. After all, unless you write down a password it’s very hard for it to be physically ‘stolen’.
Whether or not this authentication method catches on remains to be seen, but it is definitely nice to see Google are willing to try out new ways to implement security on accounts and data.