Log into your Google account by scanning a QR code [Update]

Have you ever worried about keyloggers on public computers? A recently discovered feature from Google allows users to log into Google accounts on public terminals by simply scanning a QR code with their mobile device, bypassing the need to type a password on the computer at all.

Simply navigate to accounts.google.com/sesame on the computer you wish to log into, then scan the QR code that appears with your smartphone using any appropriate app. The QR code will open a URL on your phone that prompts you to log in with your Google account username and password if you are not already cookied. After logging in, the web page will show a warning message, reminding you to proceed only if you scanned a barcode from google.com. You are given two buttons to click, with the options of starting with Gmail or iGoogle. Clicking a button will quickly log you into your start page of choice in the computer's web browser.

We tested it with the official Google iOS app and also a different QR code scanning iOS app, and users have reported that this method also works on Android phones and Windows Phone 7. It's a simple and kind of fun way to log into your Google account securely, and it may be very useful to users in certain situations. Just don't forget to log out of the public computer when you're done.

Update: It would seem that Google has closed off this particular feature for now!

Report a problem with article
Previous Story

Windows 8's file system, ReFS, detailed in new blog post

Next Story

Samsung starts to ship Surface 2.0 displays

23 Comments

Commenting is disabled on this article.

Poof, gone.

Page now reads...

Hi there - thanks for your interest in our phone-based login experiment.
While we have concluded this particular experiment, we constantly experiment with new and more secure authentication mechanisms.

Stay tuned for something even better!

Dirk Balfanz, Google Security Team.

Yep,
I see nothing amazing here and it will eventually be just another security risk. Just the fact that it's Goolge, totally turns me off!

Also, as UseLess says "I think you're techie enough to know how to enure its google.com"
You do realize we're talking about a HUGE number of people who AREN'T techie enough, right?

Neat little feature, nothing too AMAZING, but still cool. I really don't expect this to change much, or for it to go into much use besides by us techies. Still... at least they are toying around with new experiments that could help the future of Smart Phones/PC's working together in sync.

While it does offer another avenue of attack - falsified QR codes or some such - I do not believe it will pose a significant risk. If you're techie enough to use a QR code like this, I think you're techie enough to know how to enure its google.com.

I think its a pretty nifty feature - allowing you to enter a password on a device you trust =) ...kinda wish Bing/WL offered something like that =P

Pretty cool idea, just gave it a shot and it works great. Though if you have a smartphone that can scan QR codes and has internet access, whats the point of logging into your gmail on a public computer?

/- Razorfold said,
Pretty cool idea, just gave it a shot and it works great. Though if you have a smartphone that can scan QR codes and has internet access, whats the point of logging into your gmail on a public computer?

Tons of reasons. Composing long emails, working on something in Google docs - or even just minimizing the amount of data usage on their phone.

We wouldn't all have computers if we could do everything on our smartphone just as effectively. Maybe in the future this will be possible, but we are not there yet.

Ìf you already have a smartphone with internet and all the google apps why would you want to log in to your account from an unknown PC anyway.

NeoNut said,
Ìf you already have a smartphone with internet and all the google apps why would you want to log in to your account from an unknown PC anyway.

I have to do it pretty often for tech support reasons.

NeoNut said,
Ìf you already have a smartphone with internet and all the google apps why would you want to log in to your account from an unknown PC anyway.

I was thinking the same thing.

NeoNut said,
Ìf you already have a smartphone with internet and all the google apps why would you want to log in to your account from an unknown PC anyway.

Because smart phones are not full blown PC's. Sometimes you just need to use the apps on a proper regular computer.

Wow, this is incredible. I constantly need to log into Google Account from 3rd party systems, I usually use InPrivate/Incognito but this is just an extra layer of security to protect my password from a keylogger.