Couple of days back, Google briefly experimented with an interesting login system that allowed users to log into their Google account from a public terminal using a smartphone.
This meant that users didn't have to enter the password on the public terminal, which can be compromised. It could also be used when you're on a public or non-trusted Wi-Fi network.
Here's how the system works:
- Navigate to https://accounts.google.com/sesame on the computer.
- You are presented with a QR code.
- Launch a QR code scanning app such as Red Laser or Google Googles feature in Google Search app on the iPhone.
- Scan the QR code, which will inform you that the QR code is a URL.
- Open the URL where you will be prompted to enter the Google account password.
- Once you have successfully logged it, it will give you an option to "Start with Gmail" or "Start with iGoogle".
That's it, the browser window on your computer will auto-magically refresh and you will be taken to Gmail or iGoogle.
This feature is currently no longer available as Google pulled it as soon as word got out about this feature. CNET reports:
"We always work on improving authentication, and try out different things every now and then," said Dirk Balfanz from Google's security team. "We're working on something that I believe is even better, and when that's ready for a public trial we'll let you know."
Google has put up the following message on the https://accounts.google.com/sesame webpage.Hi there - thanks for your interest in our phone-based login experiment.
While we have concluded this particular experiment, we constantly experiment with new and more secure authentication mechanisms.
Stay tuned for something even better!
Dirk Balfanz, Google Security Team.
Let's hope Google releases it soon. Did you try this out before it was pulled? What do you think of this phone-based login system?
[via PC World]
Off topic:
Just noticed the anti-SOPA link.
I haven’t noticed either.
They should make it a little bit bigger (: