Google is experimenting again —but this time, with a QR-code login.
Apparently, a few Web surfers discovered a new QR-code account that served as an authentication tool to help Google users login securely while at a public computer. Keylogger programs are an eminent threat and may snatch and store passwords when people use public desktops to manually access Gmail and other Google services; therefore, a QR-code login could be a safer alternative.
With the new login that was found yesterday, users could use Android-powered smartphones to scan a QR code on a desktop that will automatically take them to a mobile login website. According to Google Software Engineer Walter Chang, users can sign into a Google service on their own device, and the action will directly forward them to Gmail or iGoogle on the public computer. Obviously, fake QR-codes imitating as an authentic Google login could pose a security risk, as well.
The feature made the rounds on the Internet yesterday, and Google Security Team Software Engineer Dirk Balfanz took to his Google+ account to announce the QR-code login as an experimental project.
“Looks like people have found the page for an experiment we’ve been running for phone-based authentication,” said Balfanz.
More information is available below.
“Folks – it’s just that – an experiment – and will likely go away at some point. We always work on improving authentication, and try out different things every now and then. We’re working on something that I believe is even better, and when that’s ready for a public trial we’ll let you know,” Balafanz added.
Balfanz accurately predicted the QR-code account would go away shortly, as he promptly took the experiment offline and updated the website with a explanatory message:
“While we have concluded this particular experiment, we constantly experiment with new and more secure authentication mechanisms. Stay tuned for something even better!”
The software engineer further elaborated on the removal of the experiment through his Google+ account, and said it was exciting to see “how many people liked the idea of securely logging into computers without having to type their password.”
According to Balfanz, Google software engineers are now developing a QR-code login solution that is more streamlined than the recently leaked experiment.