Submit A Tip Alternative Tip Form

Proposed Chrome OS API Would Introduce Password-Free Authentication

chromebook-screen-lock-tileA new Chrome API being proposed would introduce a method of “password-free authentication” to Chrome OS.

The API – called chrome.screenlockPrivate – would let Chrome Apps lock or unlock your Chrome OS device with a way to show messages to users when a device is locked.

The document mentions USB, NFC, and Bluetooth APIs for “communicat[ing] with a secondary trusted device” to provide an “alternative form of authentication”. Proximity-based desktop applications have existed in the past to show notifications from devices or to trigger certain desktop events when you enter or leave a room. These new APIs would give Chrome developers a predictable interface for interacting with such devices – e.g., smartphones, smart watches, or even NFC rings – to provide either an alternative or “two-step” form of authentication.

chromebook-swipe-lock-screen

Additional unlock UIs like a “swipe pattern matrix” are also mentioned in the proposal. With touchscreen Chromebooks trickling out, this could mean a faster way to unlock your Chrome OS device. And with the wealth of hardware APIs already available to packaged apps, adding voice and facial recognition as forms of authentication may be possible as well.

“Apps may eventually want to mediate login as well as unlock”

What’s more, these additional unlock methods could also come to the login process as well. An app could register itself as a login authenticator, stepping in to offer a swipe pattern instead of or in addition to the normal username/password login on Chrome OS devices.

As this is still only a proposal, we can all let our imaginations run wild, but several issues are at hand when exposing such a significant API to Chrome Apps. Multiple apps may request locking and unlocking at the same time or in such a short succession as to block a user in an endless onslaught of unlock screens. Because of the potential for abuse, the proposal suggests keeping the API whitelisted, requiring an app to be reviewed by the security and privacy team before being published.

Introducing better ways to secure content is exceedingly important on a device as connected to your digital existence as a Chromebook, and making authentication faster and easier – be it with help from a smartphone, smart watch, or sundry devices – means users will be more willing to keep their content safe and secure.

Password-Free Authentication Proposal

  • http://www.netsolinc.com/ David

    This sounds like a great idea. I just wish every time I opened my Chromebook with a USB drive or SD card inserted that it wouldn’t always open up the file manager application…..annoying.

    • shadowguy14

      Then why are they in there??

      • http://www.netsolinc.com/ David

        They are in there so that I can access them when I’m ready to access them. Right now the way it works I can’t continuously keep an SD card in my Chromebook. If I do and I close the lid, or turn it off then when I open it back up and log in the File Manager automatically opens up. What if I don’t need to get to those files right now. Do you keep external hard drives connected to your desktop on a Windows or a Linux or a Mac machine? If you do then when you log in to your machine wouldn’t it be a bit annoying to have the File Manager on those OS’s automatically open to the files that are on that Ext. HDD? They are there for quick access, they are not there to access every time I turn on or log in to my machine.

  • Curtis Mitchell

    Hmm, my Google password is one of the few passwords I feel relatively confident about thanks to two-step verification. If someone got onto my Chromebook though, they’d have just about everything. More security options can only be a good thing.

  • http://www.AncientBeast.com/ Dread Knight

    Sounds good, I’m tired of typing my complex passwords over and over again, especially on touch screen devices. Hopefully 123456 won’t be the most popular password in a few years from now.