Google acquires SlickLogin, tries for game changer on login

From the SlickLogin site:

We started SlickLogin because security measures had become overly complicated and annoying.

Our friends thought we were insane, but we knew we could do better. So we set out to improve security while still making it simple for people to log in.

Today we’re announcing that the SlickLogin team is joining Google, a company that shares our core beliefs that logging in should be easy instead of frustrating, and authentication should be effective without getting in the way. Google was the first company to offer 2-step verification to everyone, for free – and they’re working on some great ideas that will make the internet safer for everyone. We couldn`t be more excited to join their efforts.

From the linked article:

The idea behind SlickLogin was, at the very least, quite novel: to verify a user’s identity and log them in, a website would play a uniquely generated, nearly-silent sound through your computer’s speakers. An app running on your phone would pick up the sound, analyze it, and send the signal back to the site’s server confirming that you are who you say you are — or, at least, someone who has that person’s phone.

I think this is an interesting idea, but I struggle with the details. If Apple does not change their mechanics (and why would they?), a user would have to take their phone out of their pocket, fire it up, and take some action to get the phone to listen to the sound played by the web site. That sounds like a non-starter to me.

And if Google goes it alone, building SlickLogin support into the OS, they’ll still have a hard sell getting web sites to adopt a system that is unavailable to half the phones in the world.

Still, this technology is compelling. It’ll be interesting to see Google’s next move here.

  • bellhaven

    I don’t even think it’s a compelling idea. The article nailed it with the phrase “or, at least, someone who has that person’s phone”. The site praises something as secure as two-factor authentication yet offers a product that is much much less secure. Also, what if I have headphones on my computer? My phone can’t hear because the speaker is disabled. If I’m playing music through my speakers, does it supposedly work in the background?

    • you unplug your headphones? just a guess.

  • Makes sense. Google has been vocal about getting rid of passwords.

    I’m not convinced voice is the solution but we’ll see.

  • PeakGoogle

  • arcsine

    I don’t think getting websites to adopt the system will be an issue. Look at the options to login to comment here: disqus, facebook, twitter, google.

    It’s another ‘service’ solution from a company that offers and discontinues services all the time.

    There’s pro & a con to this approach that jumps out at me.

    Since googles’ iOS knockoff is listening ‘all the time’, someone using it would easily log into websites almost automatically.

    And since that same knockoff mobile os is rancid with malware of all stripes, there will probably be plenty of ‘free’ ways for hackers to remotely instruct a user’s google-phone to send the ‘confirmation’.

  • Kris404

    Perhaps this is for Glass?