Yahoo! launches password on-demand service for simpletons!

March 16, 2015
by Alex Tough

Yahoo! is trialling a service that removes the need to remember passwords, providing users aren’t so absent-minded they don’t also lose or mislay their phones.

The on-demand password service allows registered users to get a short password sent to their phone. On-demand passwords is an opt-in service, initially only available in the US.

Users would still have the task of typing in a one-time password, they just wouldn’t have to remember it. Anyone who had access to their phone could impersonate a user – a massive risk, particularly when so many social media accounts are linked to webmail accounts for password reset purposes.

The potential for pranks and worse that would leave victims in the awkward situation of explaining away inappropriate posts is massive, without even thinking about the implications for online banking.

Hackers covet webmail login passwords, as evidenced by the trade for login credentials on black market forums. The feature trades the mild inconvenience of having to remember a password for webmail for a substantial security headache.

Chris Stoner, Yahoo! director of product management, announced the service at the SXSW conference over the weekend, which also saw the separate demo by Yahoo! of a PGP webmail plug-in, which is due to become available by the end of the year.