Google looks into password alternative for unlocking Chrome screens

Share this article:
Authentication methods are being proposed that would allow Chrome apps to unlock users' screens.
Authentication methods are being proposed that would allow Chrome apps to unlock users' screens.

Google is devising a way to let Chrome users unlock their computer screens using Chrome apps – providing a password-free option for authentication.

On Wednesday, Google “Chromium Evangelist” Francois Beaufort shared information about the undertaking that the Chromium OS team “seems to be experimenting with.”

Via a post on Google Plus, Beaufort said the “password-free unlock” feature would allow Chrome apps to use USB, near field communication (NFC) and Bluetooth application programming interfaces (APIs) to communicate with trusted devices, like phones, watches, rings or badges, to unlock Chrome screens in sleep mode.

An API proposal for the technology, submitted last month, explains that the authentication method would also “show messages to the user if the app decides not to unlock the screen for some reason.”

The proposal revealed that would be quite possible for multiple trusted devices to “disagree about whether the screen should be locked or unlock,” an issue that could be remediated by disabling apps or locking that occurs shortly after the screen has been unlocked.

“It is considered worse to lock the screen while the user wants to use it, than to unlock the screen while the user may be away,” the proposal said.

Developers at Google are aware that the protocol could be abused, resulting in “trusted” devices unintentionally locking or unlocking users' screens, but they ultimately reasoned that the method would get more Chrome users to secure their machines out of convenience.

“The easier it is to unlock a screen, the more likely it is that a user will lock it in the first place,” the proposal said.

On Wednesday, Steve Kirsh, CEO and founder of OneID, a Redwood City, Calif.-based digital identity management service provider, told SCMagazine.com that the convenience factor could play a role in securing more users, but that the technology would need to be implemented to see the whole picture.

“The problem may be that, depending on what devices this is available on, if [a user] forgets their device, it could be more of a hassle and they may turn it off,” Kirsh said. “I really think it's one of those things where you have to try it out and see if people actually end up adopting it. That's the number one thing, that it's easy enough for users to use – and that they do use it."

Share this article:

Sign up to our newsletters

More in News

Accuvant taps Coca Cola CISO Guttmann as VP

Former Coca Cola CISO Renee Guttmann has joined Accuvant's Office of the CISO.

ICO fines U.K. travel firm £150,000 for 2012 breach

Data on more than one million credit and debit cards was pilfered in the 2012 breach of a system Think W3 Limited.

Firefox 32 feature could cut undetected malware downloads 'in half'

Mozilla plans to introduce a feature in Firefox 32 that, based on preliminary testing, could cut the amount of undetected malware downloads in half.