Yahoo! kills! more! passwords! with! push! notification! app!
The future is single factor second factor authentication, bleats Purple Palace
Yahoo! has gone partially password-free with the stable release of a second-factor account sign-in tool that uses push messages to identify users.
The mechanism first launched in October for Yahoo! Mail allows users to log into other Purple Palace apps including Messenger, Finance, Fantasy, and the Sports app on iOS and Android handsets.
Product boss Lovlesh Chhabra says users will receive a push notification when they attempt to log into an app which will confirm the attempt.
"Passwords can be a hassle - they’re easy to lose track of and forget, or they are weak passwords that are vulnerable to hacking," Chhabra says.
"With Yahoo! Account Key, you can easily and securely sign in to your Yahoo account using your mobile phone.
"... each time you sign-in, you will receive a push notification on your mobile phone for you to approve.
Users signing in to Yahoo! properties without a password on their computers will after activating the feature receive a push notification on their registered handsets.
Those who do not have their phones handy can answer security questions to gain access.
Yahoo! has long been on a mission to kill passwords. Last year it began sending one-time passwords using SMS when users attempted to sign in.
It has in recent years spun up a lucrative bug bounty program and a service to notify users of possible state-sponsored attacks. ®
Sponsored: 2016 Cyberthreat defense report