Google Says it Will Move Towards No Passwords
While Microsoft has long embraced a world of “no passwords,” Google has been a bit slower. That’s going to change. Eventually.
“At Google, keeping you safe online is our top priority, so we continuously invest in new tools and features to keep your personal information safe, including your passwords,” Google’s Mark Risher writes. “We are already making password management easier and safer, and we’re … creating a future where one day you won’t need a password at all.”
Today, Google uses a two-step verification (2SV) process to protect customers from account fraud. But this process is voluntary, and not all users are taking advantage of this key account security feature. In the near future, Google says it will automatically enroll its users in 2SV if their accounts are configured properly according to its Security Checkup.
Google says it is also working to make multi-factor authentication more seamless and secure—when compared to just a password, a low bar—by building security keys into Android devices and via the Google Smart Lock app for iOS. In both cases, customers can use their phones as a secondary form of authentication. And Google makes its Password Manager available directly in Chrome and Android, and now on iOS as well.
What’s lacking from this little missive, of course, is how Google will move to a passwordless infrastructure for accounts, as Microsoft has already done. When you sign in to a Windows 10 PC for the first time, for example, all you need is your email address: Microsoft will send a code to an authenticator app on your phone so that you never need to type in a password. But when you sign in to a Google device running Chrome OS or Android, you need to know your password, even if you use 2SV, which will also trigger a prompt on your phone. That’s dumb, and I’m curious when and how that will change.
Tagged with Google Account