Google looks into password alternative for unlocking Chrome screens
Authentication methods are being proposed that would allow Chrome apps to unlock users' screens.
On Wednesday, Google “Chromium Evangelist” Francois Beaufort shared information about the undertaking that the Chromium OS team “seems to be experimenting with.”
Via a post on Google Plus, Beaufort said the “password-free unlock” feature would allow Chrome apps to use USB, near field communication (NFC) and Bluetooth application programming interfaces (APIs) to communicate with trusted devices, like phones, watches, rings or badges, to unlock Chrome screens in sleep mode.
An API proposal for the technology, submitted last month, explains that the authentication method would also “show messages to the user if the app decides not to unlock the screen for some reason.”
The proposal revealed that would be quite possible for multiple trusted devices to “disagree about whether the screen should be locked or unlock,” an issue that could be remediated by disabling apps or locking that occurs shortly after the screen has been unlocked.
“It is considered worse to lock the screen while the user wants to use it, than to unlock the screen while the user may be away,” the proposal said.
Developers at Google are aware that the protocol could be abused, resulting in “trusted” devices unintentionally locking or unlocking users' screens, but they ultimately reasoned that the method would get more Chrome users to secure their machines out of convenience.
“The easier it is to unlock a screen, the more likely it is that a user will lock it in the first place,” the proposal said.
On Wednesday, Steve Kirsh, CEO and founder of OneID, a Redwood City, Calif.-based digital identity management service provider, told SCMagazine.com that the convenience factor could play a role in securing more users, but that the technology would need to be implemented to see the whole picture.
“The problem may be that, depending on what devices this is available on, if [a user] forgets their device, it could be more of a hassle and they may turn it off,” Kirsh said. “I really think it's one of those things where you have to try it out and see if people actually end up adopting it. That's the number one thing, that it's easy enough for users to use – and that they do use it."