After years and years, turns out nobody can remember their Yahoo password. Now, Yahoo wants to make it so no one has to. The company released on Sunday a new service, named “on-demand” passwords. This service allows users to log into their Yahoo account using a password the company texts to the person’s phone. Using this password, they don’t have to remember their own password.
It is simple and people no longer have to get mad because they don’t remember their account password or use every time the “forget password” function. Here’s how the new function works: the user logs into his Yahoo account using his normal password, goes to security settings, turns on on-demand passwords and registers his phone. So, next time when he wants to use his Yahoo account, the password field is replaced by a button that says “send my password.” Hitting that button, Yahoo sends a four-character password to his phone.
“This is the first step to eliminating passwords,” declared Dylan Casey, vice president of product management for consumer platforms, during a session at the South by Southwest festival. Specialists are saying that the new function offers better security than static passwords, which can be hacked in numerous ways. However, it is still not perfectly safe, because everything is dependent on how secure the user’s phone is.
“Two-factor authentication is more secure because it requires an attacker to compromise more than a single piece of information to be successful,” declared Tim Erlin, director of product management at security firm Tripwire. “While Yahoo is lifting the burden of remembering a password, they are maintaining a single target for compromise: your SMS messages. Malware on your phone could be used to grab those SMS messages, and then have full access to your account,” he continued. Mobil malware is also a common problem for users that are accessing online banking and receive transactions and other authorization codes via SMS.
Cyber security has become a major issue for technology industry. To be mentioned that the world’s well-known companies, like Apple and Sony, have also fought with high-profile security vulnerabilities.