Google has acquired a start-up named SlickLogin who hoped to replace regular passwords with a high-frequency audio key nearly inaudible to humans.
In a blog-post announcing the move, SlickLogin said that they will be working with Google to “make the internet safer for everyone”, welcoming the deal as a step forward for those who believe “logging in should be easy instead of frustrating”.
SlickLogin previously touted their system as either a replacement for regular passwords or as part of a two-step authentication system. Users could navigate to any site with a SlickLogin password, open up an app on their smartphone and hold it up to their computer or laptop’s speakers.
Then computer then plays a uniquely generated high-frequency sound that is analysed by the app. Once the user’s identity is verified it sends a signal back to SlickLogin’s servers which let the user into the site. The company never released a commercial product.
SlickLogin’s mechanism is one of many alternatives currently being explored by tech companies as a replacement for the traditional password. The combination of cheap computing power with the lax security habits of users means that text-based passwords (even random alphanumerics) are easily cracked by hackers.
Google has previously shown interest in physical security tokens that verify user’s identity, joining the board of the Fido Alliance last April, an industry body working on developing alternative login methods including biometrics (eg facial recognition) and USB login ‘keys’.
Google currently offers a two-step authentication protocol that sends temporary passwords to users’ smartphones, but for some users this system is not convenient enough. Whether an audio-based log-in system could be any simpler is uncertain, but it’s clear that Google is keen to solve the password problem for good.
The speed with which Google has moved on the Israeli-based company is surprising. The tiny, three-man company first launched just five months ago. The financials of the deal have not been announced but tech site Geektime (who first reported the news) suggest that SlickLogin was valued at “several million".