Yahoo wants you to kill your passwords

Web giant adds secure notifications to Finance, Fantasy, Mail, Messenger and Sports apps

Yahoo is intensifying its mission to "kill the password" with the release of a new account login process for Yahoo apps.

The web services provider stated its intentions to ditch the password a year ago, when it announced its plans to introduce "on-demand passwords" that would be texted to a user's mobile devices.

Now those plans have been polished and rolled into a new login method, Yahoo Account Key.

The service works by sending Yahoo users a push notification on their mobile phone for them to approve whenever they attempt to sign into their Yahoo account from a new desktop browser.

Once the user receives the notification and taps the approval button, they will immediately be signed in.

"Passwords can be a hassle they're easy to lose track of and forget, or they are weak passwords that are vulnerable to hacking. At Yahoo, we are moving fast in our mission to kill the password' and make it easier for users to sign in without sacrificing security," said Yahoo product manager Lovlesh Chhabra in a blog post.

This new login method will appear for Yahoo Finance, Fantasy, Mail, Messenger, and Sports for iOS and Android.

Yahoo claimed this method of account verification is more secure than passwords. However, the company also said users must not sign out of their Yahoo app or turn off notifications "as this will prevent you from receiving your Account Key push notification".

Yahoo is not alone in its decision to explore new methods of user verification. Other web service providers have also been taking steps to move away from account passwords.

Bad passwords are one of the biggest reasons people's accounts are hacked, with the most commonly used password in 2015 being '123456'.

Music identification app Shazam does not use passwords at all, instead sending a verification email to the users when they attempt to sign to the app for the first time on a new device.

Google offers its Google Authentication app, which is used as an additional layer of verification, via randomised passcodes on the user's mobile device, for selected web services.

And the latest Apple devices, such as the iPhone SE and iPad Pro, include fingerprint sensors which enable user to confirm their identify simply by holding their finger to the devices home button.

Featured Resources

Security analytics for your multi-cloud deployments

IBM Security QRadar SIEM solution brief

Download now

Five reasons to move to the cloud

Join the enterprises moving their workloads to the cloud

Download now

Architecting hybrid IT and edge for digital advantage

Why business leaders should consider a hybrid IT strategy

Download now

Six reasons to accelerate remote asset monitoring with AI

How to optimise resources, increase productivity, and grow profit margins with AI

Download now

Recommended

Lazarus APT hacking group is targeting the defense industry
Security

Lazarus APT hacking group is targeting the defense industry

26 Feb 2021
Microsoft open sources CodeQL queries used in Solorigate inquiry
Security

Microsoft open sources CodeQL queries used in Solorigate inquiry

26 Feb 2021
CISA warns of ongoing Accellion File Transfer Appliance attacks
hacking

CISA warns of ongoing Accellion File Transfer Appliance attacks

25 Feb 2021
What is a Trojan?
Security

What is a Trojan?

25 Feb 2021

Most Popular

How to build a CMS with React and Google Sheets
content management system (CMS)

How to build a CMS with React and Google Sheets

24 Feb 2021
Npower shuts down app after hackers steal user data
hacking

Npower shuts down app after hackers steal user data

25 Feb 2021
New monitors for an agile new normal
Sponsored

New monitors for an agile new normal

19 Feb 2021