Yahoo is working on On-Demand Passwords in order to eliminate the necessity of people remembering a Complex Password every time when they log-in into Yahoo!!!

In terms of User Experience
Somebody Log-in into their Account and Click on the Information Section and opt into an On-Demand Password. Next time they Log-in into Yahoo, they will receive One time password in form of SMS. Then, User will take that four-letter password or Code present in the SMS to fill the Password Field. This will completely eliminate the problem of  forgetting password and getting involved in lengthy process of "I can't access my account"

How it works?
If you use a password manager and opt for On-Demand Password. You would detect at the time of Login that the Interface has changed as soon as you fill Username Field. The fields would change not requiring the usual password but On-Demand Password. Tap the button send password. It will take you to a new field. 

This has been done in order to break the bundle of passwords that user has to remember every time. Earlier we needed a Password which satisfies a particular criteria, that is, have lowercase letters, numbers and Uppercase Letters. So, this will be eliminated completely. This ensures that User does not use same password for Different accounts so that important information is not at risk.


How is this more Secure or Beneficial?
Eliminating Vulnerability that comes from User Side.
Not Using Same Password Every time is not necessary for all. If you are a regular user concerned about emails then Second form of Verification option is there. It will require User Verification and second step verification like a particular question. It solely depends upon the User if he wants to opt for On-Demand password if he is facing problem memorizing it.

New methods to be introduced

Dylan Casey Yahoo’s vice president of product management said that it will initiate more authentic methods.
  • Bio-matrix System 
  • Retina Scanner Verification
  • Using voice as Password Verification
  • Finger Print verification 
  • End User encryption.


Private key Verification or End User Encryption Verification  
Setting up Level of Encryption in your own email such as if an attacker is going to compromise on an account. He would need a private key. If he doesn't have that private key, he wont be able to access your account.

Talking on its Positive Side
  • Reduce burden of Security on User.
  • To facilitate in providing one time on-demand password.
  • Encryption is there to add extra layer for the Yahoo Account.

When is it Available for Use?
  • Today only available in the US.
  • Currently opted for Yahoo.

Down-sides of Using On-Demand Password
  • SMS is not Correct or perfect.
  • Don't know it has come on Phone or not.
  • Delay in receiving
  • Lost your phone or Phone is Dead.


Backup Solution
  • Another Phone number
  • Alternate Email address

0 comments:

Post a Comment