17 January 2012

Log into Gmail without typing a password



[UPDATE: This site has been taken down - it was an experiment by Google]

A few sites have mentioned an undocumented method of logging into Gmail (or iGoogle) without typing your password.

Why is that a good thing? Well, if you're using a computer you don't trust (such as in an internet café/hostel/hotel) then a keystroke logger or other malware won't be able to capture your password.

You need to install a QR Reader on your phone - there are lots out there such as Norton Snap QR reader or QRRreader (free). These readers can interpret codes like the one in this article.

To use the system:
  1. On the untrusted PC navigate  to http://accounts.google.com/sesame
  2. Start your QR reader and point the camera phone at the code that appears on the PC monitor
  3. [The first time you do it you will need to link your phone to your Google account]
  4. Click the Gmail button on your phone to log in. The browser window on the PC will magically show your Gmail account!
This system also allows you to have a really long (and more secure) password that even you can't remember. Just use this whenever you want to log in on a PC or laptop!

Oh, and Google - we'd love some info on how clicking a browser button on a phone then sends a redirect to the PC in question!

© Andrew Calvin 2012