Tuesday, January 17, 2012

Google Account Authentication Using Your Phone


How do you login to your Google account on a computer you don't trust? When you type your username and password, a keylogger could capture them and save them. If you have a phone or a tablet with you, there's a better way:

1. Just go to accounts.google.com/sesame on your computer (Open Sesame helps you remember the address) and you'll see a QR code for a special URL generated by Google.

2. Use a QR reader app like QR Reader for iPhone, Barcode Scanner for Android, Google Goggles, Google Shopper or Google Search for iOS. Scan the QR code on your phone or tablet and type the username and password of your Google account.

3. Now you can click "Start with Gmail" or "Start with iGoogle" and the corresponding service will automatically load in the desktop browser. Obviously, you can use any other Google service.


Update: Google took down this authentication method posting the following note:
Hi there - thanks for your interest in our phone-based login experiment. 
While we have concluded this particular experiment, we constantly experiment with new and more secure authentication mechanisms.

Stay tuned for something even better! 
Dirk Balfanz, Google Security Team.