Google eyes password-free authentication in Chrome OS

Google eyes password-free authentication in Chrome OS

If a Chromebook is near trusted hardware like a phone or watch, an app could wake up the machine. Easier screen unlocking could encourage people to lock them in the first place.


Google developers are proposing technology that would let Web apps unlock Chrome OS machines without requiring people to type in a password.

The chrome.screenlockPrivate feature would let an app wake up a Chromebook or Chromebox if it judges a person to be present based on trusted data from Bluetooth, NFC, or USB ports.

"A platform app may use the USB, NFC, and/or Bluetooth APIs to communicate with a secondary trusted device such as a phone, ring, watch, or badge, thereby allowing that trusted device to serve as an alternative form of authentication for the user," said a design document pointed out by Chrome watcher and Google employee Francois Beaufort.

Automated unlocking of a screen might seem like it would open a Chromebook up to misuse -- for example if somebody stole your phone, or you just left it near the Chromebook. The developers, though, see a security advantage: convenient security is more likely to be used in the first place. In other words, imperfect authentication is better than none at all.

"The easier it is to unlock a screen, the more likely it is that a user will lock it in the first place," the developers said.

The document is for Chrome OS, but in principle, it could also be used on Android. So maybe there will be a better reason to buy one of those smart watches or NFC-enabled phones after all.