Internet users are notoriously bad at selecting secure passwords for the sites they frequently use that require a login.
Surveys reveal that more than a third of internet users are in the habit of using the same password across multiple sites. The danger is that if a hacker breaches one of your accounts then many of your others may be at risk.
A number of big tech companies have tried various approaches to solve the problem over the years. Google is the latest to do so.
The company recently introduced Google Identity Services. The new service allows users to sign in with a single tap using a secure token tied to one of their Google accounts. This is functionally similar to the ubiquitous “Sign in with Facebook” prompts you see on a wide range of websites. However it has the advantage of being more secure. It is more secure because the Facebook prompt simply recycles your password while Google Identity Services employs a secure token.
Developers have an easy time adding the new functionality to existing sites. The “One Tap” sign in routine can be made to simply scroll down from the top of an existing page or come in from the side. It vanishes once the user taps to sign in.
The hope is that this new functionality will help keep users from choosing the convenience of recycling a password so they have less to keep track. That is rather than the greater security that comes with maintaining a unique password on every site a user visits.
It’s too early to tell how successful the approach will be. On the surface it does seem like a good solution to a very real problem. Kudos to Google for taking steps to make us all safer. Even when that means keeping us safe from ourselves and our own bad habits.