Yahoo: Sayonara, passwords

October 16, 2015, 8:23 PM UTC
Yahoo NewFront 2015 Marissa Mayer
CEO Marissa Mayer at Yahoo's 2015 NewFront.
Courtesy: Yahoo

Yahoo wants to kill passwords.

The Sunnyvale, California tech giant drove a nail into the coffin on Thursday when it debuted a new service, Yahoo Account Key, that eliminates the need for users to enter login credentials when accessing their Yahoo accounts. The feature is available for users of the Yahoo Mail app on both iOS and Android and will apply to other apps this year, the company said in a Tumblr blog post.

Although the company did not specify which apps might be next up on the password chopping block, other Yahoo apps include the photo-sharing service Flickr as well as Yahoo Sports, Yahoo News, and Yahoo Messenger.

“Passwords are usually simple to hack and easy to forget,” writes Dylan Casey, vice president of product management at Yahoo, in the post. So, the paranoids at Yahoo (YHOO), as the information security team members are affectionately called, devised a workaround.

Why not—instead of forcing users to remember and enter passwords—have a service simply send a notification to whichever device is associated with a user account when someone attempts to login? “Are you trying to sign in?” the prompt asks. Then the user can tap yes or no to gain access. It doesn’t matter whether it’s the phone or tablet you’re trying to log in on, or another one, so long as Account Key recognizes it as “yours.”

In case a person loses the device, backup email accounts or phone numbers can be used to verify identity.

The process will strike users as similar to what many two-factor authentication services provide—except, in this case, the first factor (that is, the password) is missing. Instead, it’s completely substituted by the device-specific authentication.

Earlier this year Yahoo launched an “on-demand” password service that sends one-time codes to users’ smartphones via text message. They then enter those codes instead of passwords.

Security experts and laypeople have griped about the problems related to passwords for decades. When done right, they’re too hard to remember. When done wrong, they’re too easy to crack.

In the meantime, experts recommend using a password manager such as LastPass, KeePass, or Keeper, to store and keep track of one’s login credentials. However, those products are not immune to security problems of their own, including data breaches.

Subscribe to Data Sheet, Fortune’s daily newsletter on the business of technology.

For more on the slow and painful death of passwords, watch this video.

Read More

Artificial IntelligenceCryptocurrencyMetaverseCybersecurityTech Forward