Google enables users to access email accounts with a smartphone instead of a password

21 Jun 2016

Google has released a service for users who find it irksome to enter long alphanumeric passwords to access their email accounts. Google will now allow the use of a prompt, sent on users' phone, to gain access to their account.

Users would need to have an Android phone with updated Google Play services or the iPhone 5S and later versions. To take care of security issues the phone would need to be secured from direct access to the applications from the lock screen. Android phones would need an active screen lock mechanism, while iPhones would need Touch ID. Also, iPhones would need the latest updated version of the Google App installed.

Users would need to use a computer or laptop to go to the Sign in and Security section of their account and set up their phones in that interface. They would then conduct a dry run that showed how one could sign in to email accounts using a phone.

On completion of the sign-in process set up, every time users entered the account, a message would appear on screen saying that a prompt had been sent to their phone. If Google's suspicion detection algorithms get triggered, users would have to enter the password on the mobile device.

Several technology giants including Google, Apple, Microsoft, and Facebook among others advise two-step verification for additional security of user accounts.

For those who still don't use two-step verification, Security researchers recommend users to enable the security feature following these simple steps. Now, Google is introducing a new prompt feature to simplify its two-step verification process to make it easier to sign-in for Android and iOS users.

Google said with the new feature, users would now only need to approve the prompt that will pop up on their phone to complete the two-step verification process and sign in.

The prompt would comprise a message saying, "Are you trying to sign-in?" followed by details of the device and the location of the device on which the sign-in is being attempted. Users would need to choose among two options under prompt - No, deny sign-in and Yes, allow sign-in. Earlier, the two-step verification required the users to sign-in by either providing a security key or entering the verification code that was sent to the user on the phone or email.