The Sunnyvale-based company Yahoo! is eliminating the need for users to enter login credentials when accessing their Yahoo! accounts. By literally 'killing' passwords, Yahoo! is like using a two-factor authentication, but without the first factor.
Back in March 2015, Yahoo! took its first major step in eliminating password by introducing temporary, on-demand passwords that are sent to the users' mobile devices. This method debuted Yahoo! Account Key, a feature initially available for users of Yahoo Mail app on both iOS and Android.
"Passwords are usually simple to hack and easy to forget," said Dylan Casey, Yahoo!'s VP of Product Management. To negate the inconvenience many users may face, Yahoo!'s team member worked a workaround for a solution.
The feature asks the user rather than forcing them to remember and enter passwords. When a user is accessing a Yahoo!'s app and wants to login, the service will simply send a notification to the device previously associated by the user.
"Are you trying to sign in?" the prompt asks. The user can then accept or deny. The former will open the app, while the latter will keep the app closed.
No matter what mobile device the user is using, as long as the Account Key recognizes the device as the user's, the user is able to login without having to input any login credentials.
When concerning the device is lost, backup email accounts or phone numbers can be used to verify the user's identity.
To accompany the said feature, Yahoo! also made some other changes to its Mail app, including the supports for third-party email accounts so users can now check their emails from other services while logged into the Yahoo! Mail app. Other updates include, and not limited to, the ability to add avatars for contacts, use swipe gestures and contextual search.
Passwords: Yesterday's Problem, Tomorrow's Concern
Passwords are credentials to validate someone as the owner of what it's about to open. Whether it's for offline services or online, passwords are mostly used to protect certain data from anyone else except the respective owner.
Many have griped about the problems related to passwords. When done right, passwords are literally difficult to remember. Because writing a password down on a paper is not an option, most people like their passwords to be easily remembered. But that will eventually make them easier to be cracked.
Two-factor verification systems, password using biometric input such as fingerprint and facial recognition, and others, are some methods created to negate the use of remembering passwords. As a way around, people can also use password manager to store all their credentials in one place and securing them all with just remembering one master password.
But none of all the above solution are guaranteed to be a 100 percent fool proof, and/or powerful enough to completely eliminate password from existance.
We may not be at a stage where we can live without them, but Yahoo! can be sure that it can do well without them by introducing Account Key feature. Remembering password is like the thing of yesterday, but with the many solutions trying to eliminate it, password will either be an alternative or a remain a mainstream. At least in for foreseeable future.
Yahoo isn't that keen on two-factor verification because it thinks that it's too widely used. As Yahoo!'s Senior VP Jeff Bonforte noted, the feature is too complicated for most people as less than 10 percent of Yahoo! Mail's users are subscribers to it.
"Email accidentally inherits the weaknesses of other password systems on the internet. Our users are too often using the same password or service that they're maybe not thinking too much about. You can always get immense level of password security but you can't get an immense level of password security that's simple and intuitive," explained Bonforte.