Yahoo has announced a new security feature which could be easily labelled as a revolutionary step towards password free yet highly secure technological era. The tech giant said that it is going to let its users login Yahoo’s email service without any password. Instead, users could use an on-demand service which will be using a smartphone as the primary device. So whenever a user wants to login his/her Yahoo account, the password will be sent to the user-owned smartphone. This will not be a onetime password rather it will be randomly and securely generated for every user separately on every request.
This is a daring step by Yahoo. Facebook, Twitter and Google have been trying since long to devise a mechanism to get rid of passwords. Passwords are fairly hackable because of their weak nature. A majority of users don’t spend time making their password. A user prefers a same password for all servers or user a chunk of a word in different password. This compromises the security and we have seen hundreds of hacking attempts in the recent past that went successful.
But Yahoo’s latest on-demand password free service has one potential flaw which could collapse your digital identity. All your security depends upon your smartphone. If an intruder succeeds in getting hands on your smartphone, your Yahoo account could be easily breached.
In a statement, Yahoo said that its on-demand password service is the first step towards enhancing mobile security.
Yahoo’s new service will show you the password in the SMS form even if the phone is locked. This could create massive problems if the phone is placed on a public location. Yahoo could devise a two factor authentication, temporary password or secret questions mechanism to beef up its new system’s strength.
Yahoo said that it is also working on end-to-end encryption algorithm for its email service which will be launched soon.