Monday, May 21, 2012

Google using QR codes for 2 factor authentication

Google’s newest QR Code is the key to secure logins on public computers!

Google's QR Code for secure login

Dumb, its just a sms initiation QR code they are displaying.
Google could have easily just have achieved it by sending sms to a users mobile phone and needing you to reply to login, at least then they wouldn't have the issue of someone faking your handset DID number when sending the inbound sms.
Eg with their method i can fake your handset number and google would be none the wiser that i'm authorising my pc to log into your gmail account.
If google used outbound sms even if i cloned your handset the handset user would still receive a copy of the sms alerting you to a probably hack.

No comments:

Post a Comment