Google is testing a feature that lets users sign into their accounts without requiring a password. Users that have access to this feature will be able to login to their accounts using their mobile devices. A notification pops up that asks users to authenticate their identities and grant permission to access accounts. Currently, the feature is accessible by invite only for members in theGoogle Group called “Sign-in Experiments at Google.”
The upcoming Google feature was discovered by Rohit Paul (rp1226). “We’ve invited a small group of users to help test a new way to sign-in to their Google accounts, no password required. ‘Pizza’, ‘password’, and ‘123456’ — your days are numbered,” said a Google spokesperson. This feature is similar to Yahoo YHOO +0.00%! “Account Key,” which lets you log into your Yahoo! account by responding to a push notification sent to mobile devices.
First you have to authorize your device and give it permission to access your account. After that, you will see a message on your phone asking permission to login when you type in your email on a computer. Once you accept the notification, your computer will log into your Google account without requiring a password. If the “Sign-in Experiments at Google” feature notices anything wrong with your sign-in, then you may be asked to complete another step for authentication.
Every year, phishing affects hundreds of thousands of accounts — which ends up costing billions of dollars in losses. According to EMC, there were nearly 450,000 attacks with record estimated losses of over $5.9 billion in 2013 alone. Google’s new sign-in feature could help protect consumers and alleviate phishing attacks.
Google has been developing anti-phishing technology for years now. Several years ago, Google added a two-factor authentication feature on Gmail. And Google also launched the “Password Alert” Google Chrome extension earlier this year — which tells you if a website tries to steal your login information. Google also added an “on-body detection” feature on Android 5.0 Lollipop that keeps devices unlocked when it is in your hand and locks up again when it is put down.
The “Sign-in Experiments at Google” feature works on Android and iOS and you will still be able to login using your password if your phone is not nearby. What happens if you lose your phone? You can sign in with another device and go to “My Account” to remove account access from the lost device. To change your phone, you can go to “Sign in and Security” in “My Account” to “Edit” your phone. You can also disable this feature by going to “Sign in and Security” in “My Account” and clicking “Turn off” in “Use your phone to sign in” section. As of right now this feature is only available to a small group of beta testers and it is unknown when Google will expand this service to the public.
Personally, I do not see myself using this feature because I regularly change all of my passwords to a complicated set of capital letters, numbers and symbols. But I understand why this feature could be useful for many people, especially those who have been victims of identity theft in the past.