Yesterday, Yahoo released a new way for users to log into their accounts that they call “password-free.” Rather than having to remember the same password every time they need to log in, Yahoo’s new system will have users receive an automatically generated and time sensitive “instant password” that they can use to log into their account. It is analogous to the two-step authorization system that many other services, such as Gmail, use but even simpler as it is reduced to a single step.
The idea behind this development is that passwords are inherently insecure and hard to remember which leads to even more insecurity when people do things like right them down. With this system users can feel secure knowing they won’t need to worry about forgetting their passwords.
But while it is great to think about the benefits of these new systems it is important still for us to deliberate on the potential side effects and negatives of these new technologies. While it is all well and good that I can simply use my phone to get in my Yahoo mail account, what happens if I lose my phone? Unlike a true two-step authorization scheme where an outsider would still need to know the original password, Yahoo’s system leaves the accounts of forgetful phone owners in danger.
As technology has become more advanced and interdependent we are seeing more of these new ways to authenticate systems with things like these device-dependent authorization and more innovative things like fingerprint and heartbeat recognition making its way into everyday devices. It will be interesting to see how successful this effort to “eliminating passwords”, as said by the Yahoo’s vice president of product management, will be and whether the alternatives with their own unique flaws will truly serve as functional replacements.