Google Buys SlickLogin, Looks Into Sound-Based Passwords

Israel-based security startup SlickLogin is now part of Google’s portfolio. The goal of this acquisition is to make the Internet safer by replacing text passwords with sound-based ones.

Let’s face it, text passwords are frustrating. You need to pick a unique, complex password for each account that you open on the Internet. Using the same one for all of them might lead to a nasty chain reaction in case one of the accounts get compromised. And no, “password” is not an option! With this in mind, Google plans to revolutionize Internet security by working closely with the employees of its latest acquisition, SlickLogin.

SlickLogin confirmed the acquisition on the company’s website: “Today we’re announcing that the SlickLogin team is joining Google, a company that shares our core beliefs that logging in should be easy instead of frustrating, and authentication should be effective without getting in the way.”

Mind you, the sound-based password technology developed by SlickLogin doesn’t implying playing songs or whistling a tune in order to access your accounts. That wouldn’t be safe at all, now would it? Instead, the computers will play sounds inaudible to the human ear, but which can be analyzed by a smartphone in order to authenticate the user.

The position of the smartphone also needs to be confirmed before starting the analysis of the sound. This is done via Wi-Fi, Bluetooth, NFC, or GPS. Since the transmitted sound is unique for each login, it’s rather impossible to hijack the system.

Given that users have a single account for all of Google’s services, there are two possible ways the search giant could implement the sound-based passwords. SlickLogin’s solution could either become the second layer of Google’s two-step authentication, thus replacing the code transmitted via phone call/SMS/Authenticator app, or it could replace the username and password combo altogether.

Most likely, the activity of SlickLogin will now be correlated with the one of spam-fighting startup Impermium, which Google bought in January. I admit that a sound-based password makes much more sense than the biometric authentication used by Apple’s iPhone 5S, which was hacked in less than 48 hours after the phone’s launch. There is one question that needs to be answered, though: what backup method will be used if the smartphone necessary for the authentication is lost, destroyed or stolen? Anyway, it’ll be interesting to see Google’s new approach for online security.

Be social! Follow Walyou on Facebook and Twitter, and read more related stories about how Google bought to counteract online ad fraud and the Tuit NFC security ring.