How do you login to your Google account on a computer you don't trust? When you type your username and password, a keylogger could capture them and save them. If you have a phone or a tablet with you, there's a better way:
1. Just go to accounts.google.com/sesame on your computer (Open Sesame helps you remember the address) and you'll see a QR code for a special URL generated by Google.
2. Use a QR reader app like QR Reader for iPhone, Barcode Scanner for Android, Google Goggles, Google Shopper or Google Search for iOS. Scan the QR code on your phone or tablet and type the username and password of your Google account.
3. Now you can click "Start with Gmail" or "Start with iGoogle" and the corresponding service will automatically load in the desktop browser. Obviously, you can use any other Google service.
Update: Apparently, it was just an experiment and it no longer works. "Thanks for your interest in our phone-based login experiment. While we have concluded this particular experiment, we constantly experiment with new and more secure authentication mechanisms. Stay tuned for something even better," says Dirk Balfanz from the Google Security Team.
{ Thanks, Petros. }
January 16, 2012
Subscribe to:
Post Comments (Atom)
http://goto.google.com/login also works.
ReplyDeleteWhy would you be doing anything on a computer you don't trust?
ReplyDeleteIf you just need to send a mail which is not secret, you may send it from a cyber cafe but in order to do so you must enter your password which is definitely secret.
DeleteAny of the following scenarios could constitute a computer you do not trust:
DeleteA student using a campus computer.
Using a coworker's computer.
Testing a computer you wish to purchase at a store.
Testing a computer at a convention.
A technician, diagnosing a customer's computer in a lab.
A computer in a cyber cafe or ather public access location.
Obviously, Google is of the mindset that the kids will be doing it anyway, might as well make it as safe as possible...
ReplyDeleteThis is not for kids. See my reply above.
Deletehttps://accounts.google.com/sesame & http://goto.google.com/login
ReplyDeletegets:
Hi there - thanks for your interest in our phone-based login experiment.
While we have concluded this particular experiment, we constantly experiment with new and more secure authentication mechanisms.
Stay tuned for something even better!
Dirk Balfanz, Google Security Team.
Hi Dirk,
DeleteI have a high tech start up we are investigating one touch log in using mobile phone number as authentication....are you pursuing this technology? and if so, is it worth a conversation?
kind regards
nick
Yup, it has been taken down.
ReplyDeleteWhy would anyone use public PC if he already has Internet on the phone :)
ReplyDeleteBecause he doesn't have a full-sized keyboard or a 50" display on his phone?
DeleteBecause the phone doesn't support Flash.
DeleteBecause the user wants to download data to the computer.
Because the user wants to diagnose or test the computer in some way.
Because the computer is on a network that the phone can not access which is either faster or has access to data that the user wants to use in conjunction with his/her Google account.
Because the computer has software, data, peripherals, features or capabilities that the phone can not access (Keyboard, mouse, larger screen, fingerprint identification...).
Because the phone's battery is near empty, or needs to be reserved.
Because the user wants to use the computer and doesn't have a phone, but uses a friend's phone (which he trusts) to access a computer (which he doesn't trust).
Maybe I will try this service to get more secure in using google services such as gmail.
ReplyDeleteWhat about security?
ReplyDeleteWish it still worked.....
ReplyDelete