Google and its users are probably one of the favorite targets of miscreants. While Google is always trying to secure things from its end, it can only do so much to help users hold their end of the line. Its latest assimilation of startup SlickLogin might just help it do that, though it remains to be seen how much it will catch on.
Google is said to be one of the first to widely implement a two-step authentication process. This new kind of procedure adds a new level of security to the usual password system by requiring users to enter a code from or on their smartphones. This system works on the presumption that users almost always have their smartphones with them and are less likely to lose them than their passwords.
SlickLogin works on a similiar presumption and requires another device such as a smartphone. What SlickLogin does differently is that instead of a code or text to type in, it employs almost inaudible sounds played through the computer’s speakers. An app on the smartphone analyzes the audio and, if authentication is successful, sends a message to the web server allowing the login. The audio that is used is uniquely generated per user per login, ensuring that even if recorded, the sound cannot be reused, even when using the same computer.
Although neither company is saying so, SlickLogin’s audio-based authentication could very well be integrated into Google’s own login system in the near future. It remains to be seen whether this can be used for mobile logins as well, considering those will use the very smartphones and tablets that two-step authentication systems rely on for security.