Google Begins Testing Password-Free Logins

Google confirmed this morning it’s now testing a new way to sign into your Google account without having to type in a password. Instead, those who have been invited to try this new method of logging in authenticate by responding to a notification sent to their smartphone. The idea is similar to Yahoo’s recently launched “Account Key,” which also offers a password-free means of signing in involving a push notification sent to your phone that then opens an app where you approve the log-in.

Passwords are often the weakest parts when it comes to securing users’ accounts, as many don’t use complex passwords or they reuse the same password across services. Two-factor authentication – like using a USB stick with a secret token or entering in a code sent via text method to your phone – can help to increase security, but many users also find this to be a hassle as it introduces an additional step to the login process.

This new password-free login option, on the other hand, is about speeding up logins by offering a different way of signing in altogether.

You only have to enter your email address when you’re signing into your Google account. Afterward, a notification will appear on your phone asking you if you’re trying to sign in from another device. Approve the login by tapping “yes,” and you’re in.

This would be especially useful for those who always have their phone nearby while using Google services on other devices, like their computer, as well as those who have long and complicated passwords that are difficult to type.

It could also help to protect against phishing – something that Google addresses today through its Password Alert tool, too.

The test was first reported by a Reddit user Rohit Paul, which was then spotted by the blog Android Police. According to Paul, he was sent an email invitation to join a test group being given access to try the new technology on their own devices.

The group is called “Sign-In Experiments at Google,” and is found here on Google Groups. While the link to the group is public, you can’t view or participate without a direct invitation.

A Google spokesperson confirmed to TechCrunch that this is, indeed, a new experiment now underway, noting that:

“We’ve invited a small group of users to help test a new way to sign-in to their Google accounts, no password required. ‘Pizza’, ‘password’ and ‘123456’—your days are numbered.”

[gallery ids="1254829,1254830,1254831,1254828"]

After accepting the invite and joining the group, the email explains that you’re then able to sign in without entering a password but you can continue to use your typed password if you choose. In addition, Google says it may choose to ask for your password as an additional security measure if it notices anything unusual about your current login attempt. (And it’s helpful to be able to use your password in case your phone is dead, or goes missing.)

In the case your phone is lost or stolen, your screen lock or Touch ID on your smartphone will protect your private data, as the thief or unknown party will not be able to unlock your phone. Google also advises in the case of a lost device, you should sign into your account from another device and remove account access from the device you no longer have in your possession.

Google tells testers they are able to turn off this new means of signing in at any time, and, as the email Paul received notes, testers can leave the trial group if they don’t want to offer Google their feedback about the sign-in process.

 

We understand that only a small number of users are being invited to test this new feature for the time being. Google did not comment on when it plans on expanding access to more testers or the broader public. The password-free sign in process works on both iOS and Android at present.