For years now, warnings about weak passwords have fallen on deaf ears.
Despite a plethora of stories online that boast the power of new age hackers and highlight the dangers of having strangers digging through your email, it is rare that people actually take additional steps to keep their online accounts and digital information secure.
Well, Yahoo is hoping to create a new password-free login system that would aim to make their users’ information more secure.
Rather than having one password, typically something personal or easy to remember that can be guessed by the right malicious tech-savvy foe, Yahoo’s new approach is to give users many one-time only passwords.
Here’s how it works.
First, you toss out the old wrinkled piece of paper hiding under your keyboard that has a list of your passwords written down on it.
Next, you attempt to log in on your Yahoo account and keep your cellphone close by.
Yahoo would then send a one-time only password to your phone that you would use to log in.
Once the password is used, it can’t be used again.
It seems a like an efficient way to keep hackers and nosy visitors out of your email.
As perfect as the plan may sound, some tech lovers are concerned that the new method isn’t quite as secure as Yahoo users might hope it would be
The first issue starts with human nature and our ability to lose a cellphone in virtually any situation.
Even people who use their cellphones for everything including banking, GPS, as a smart remote, a voice recorder, a notepad and more have at least one frightening tale about when they left their cell phone unattended.
It’s the modern-age thriller story that has everyone desperately hoping for a happy ending.
You set your cellphone down in the grocery store, the gym, the book store, the coffee shop or wherever else you may find yourself in the midst of a busy day only to realize hours later that you never picked it back up.
That mistake, if you’re using Yahoo’s password-free login, could put your email in a compromising position.
Even when some phones are locked, a pop-up message will unveil the contents of new text messages.
That means if you send the one-time password to your phone without realizing someone else has it, they could essentially log in to your email.
It’s a concern that has been brought up by several tech blogs and message boards but also a warning that should come with a grain of salt.
Most people will likely go searching for their phone before they attempt to log in since they know their phone will be needed for the process.
Also, even if a person gets the one-time password, they might not know your actual username to log in.
Lastly, they would have to care enough about what you’re doing to go fishing around in an attempt to log in with the password they have received.
Unless you’re a multi-millionaire or a scientist on the brink of a groundbreaking medical breakthrough, the average person just won’t be too concerned about what’s hiding in your inbox.
If you’re anything like the vast majority of email users, your inbox is crowded with junk mail anyway.
So while that particular scenario doesn’t seem to pose a significant risk, there are still questions about the practicality of the password-free method since Yahoo already had a two-step process that appears to be more secure than the new method.
With a few quick alterations to your security settings, a Yahoo user can require that an additional password be sent to their phone only after they have first entered the correct password on the screen.
Both the password and the one-time code will have to be correct for anyone to gain access to the account.
The goal, however, is to eventually eliminate the need for passwords all together.
The desire to bid passwords farewell for good has also inspired the launch of many tech products that would allow consumers to log in to different accounts using their fingerprints or by having a device scan their eye.
While these products have shown great potential, they are also still riddled with bugs for now that make their designs impressive but their functionality underwhelming.