Google looks into password alternative for unlocking Chrome screens

Share this article:
Authentication methods are being proposed that would allow Chrome apps to unlock users' screens.
Authentication methods are being proposed that would allow Chrome apps to unlock users' screens.

Google is devising a way to let Chrome users unlock their computer screens using Chrome apps – providing a password-free option for authentication.

On Wednesday, Google “Chromium Evangelist” Francois Beaufort shared information about the undertaking that the Chromium OS team “seems to be experimenting with.”

Via a post on Google Plus, Beaufort said the “password-free unlock” feature would allow Chrome apps to use USB, near field communication (NFC) and Bluetooth application programming interfaces (APIs) to communicate with trusted devices, like phones, watches, rings or badges, to unlock Chrome screens in sleep mode.

An API proposal for the technology, submitted last month, explains that the authentication method would also “show messages to the user if the app decides not to unlock the screen for some reason.”

The proposal revealed that would be quite possible for multiple trusted devices to “disagree about whether the screen should be locked or unlock,” an issue that could be remediated by disabling apps or locking that occurs shortly after the screen has been unlocked.

“It is considered worse to lock the screen while the user wants to use it, than to unlock the screen while the user may be away,” the proposal said.

Developers at Google are aware that the protocol could be abused, resulting in “trusted” devices unintentionally locking or unlocking users' screens, but they ultimately reasoned that the method would get more Chrome users to secure their machines out of convenience.

“The easier it is to unlock a screen, the more likely it is that a user will lock it in the first place,” the proposal said.

On Wednesday, Steve Kirsh, CEO and founder of OneID, a Redwood City, Calif.-based digital identity management service provider, told SCMagazine.com that the convenience factor could play a role in securing more users, but that the technology would need to be implemented to see the whole picture.

“The problem may be that, depending on what devices this is available on, if [a user] forgets their device, it could be more of a hassle and they may turn it off,” Kirsh said. “I really think it's one of those things where you have to try it out and see if people actually end up adopting it. That's the number one thing, that it's easy enough for users to use – and that they do use it."

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Adobe exploit used to spread Dyre credential stealer

Adobe exploit used to spread Dyre credential stealer

Users running vulnerable Adobe software could be in danger of having credentials for Bitcoin websites stolen.

Staples is investigating a potential issue involving credit card data

Staples is investigating a potential issue involving credit ...

The company said it is investigating a potential issue involving credit card data and that customers are not responsible for fraudulent activity on cards if an issue is discovered.

Skills set a priority over legacy prejudices, experts say

Skills set a priority over legacy prejudices, experts ...

Cybersecurity expert Winn Schwartau and Robert Clark, a cyber law attorney at the Army Cyber Institute, discussed issues around hiring in the information security industry.