A new password-free system is currently being tested by a small group. The project, which was launched by Google, aims to remove what is often the weakest link of any login system, the password, while providing an alternative secure login method that is less troublesome than the current two-factor authentication.
The system is similar to Account Key launched by Yahoo, and once you boil it down, it actually isn’t all that different from the two-factor authentication. Here is how it works: When you log into your account, rather than entering your password, you select a button that sends a push notification to your phone. You then select the push notification, open the app, which asks you if you are attempting to log in. Once you approve the log-in on your phone, the account opens in your browser.
But what if your device is stolen or if your password has been phished? According to Google, your lock screen or Touch ID should be more than enough to activate your phone (You do lock your phone, don’t you?). As a pre-cautionary measure, Google also advises that you sign into your account from another device and remove account access from the device which you no longer in your possession of.
this is barely something new: 微信 –WeChat in the western world– offers exactly this password-free system to log in the desktop software using the phone’s app