Skip to main content

Yahoo wants you to forget your password, announces 'on-demand' login service

Yahoo has announced its take on password security with a service that removes the password altogether. With its on-demand service, the software giant will deliver a one-time key every time a user needs to log in to their account, with a "send my password" button displayed instead of the password text box.

Yahoo has detailed instructions on how you can enable the service, which is now available to customers in the U.S.:

1) Sign in to your account.2) Click on your name at the top right corner to go to your account information page.3) Select "Security" in the left bar.4) Click on the slider for "On-demand passwords" to opt-in.5) Enter your phone number and Yahoo will send you a verification code.6) Enter the code and voila!

Yahoo isn't the only tech company looking to simplify the account sign-in process, with Twitter also launching a Digits service that allows users to log in to their accounts via a unique code sent to the phone number associated with their accounts.

Along with on-demand passwords, Yahoo showcased an end-to-end encryption plugin for Yahoo Mail developed in collaboration with Google:

Yahoo's method is geared at being more user-friendly, and while the encryption service is not yet available to users, the company plans to launch it sometime before the end of the year.

Source: Yahoo

The clumsiest man in tech.

  • Yahoo collaborating with google for privacy and security. Funny.
  • Entering a different password every time you login is "simplifying" the process? Sounds much worse to me.
    They probably just want your phone number. Sent from the iMore App
  • Stupid. I'm not giving them my number. I use lastpass anyways. Sent from the iMore App
  • "Stupid. I'm not giving them my number. I use lastpass anyways." With Lastpass, you are giving the provider the keys to all of your passwords. Sure, you can enable Google authenticator to provide additional security, but I fail to see how giving Yahoo your phone number is any less a security risk than providing someone with your email address and hosting your logins on the cloud. Chances are, its' going to be less likely that someone will have access to your cell # and your email address and be able to log into your account that way. When companies step up their security game, it's time to take notice rather than shoot them down within the first two or three statements. I wish more services used a secondary authentication when logging into their site/app/etc. I'm still waiting for Anthem to provide users with the option to add something like Google Authenticator - my wife refuses to use complex passwords and I can see us being hacked because her Facebook, email, and other accounts all resemble a 1-2-3-4-5 password scheme. Yes, that is the same password on her luggage.