Death to passwords: Google rolls out OAuth2 tools for Android

Passwords suck. In order to make them as secure as possible we are supposed to make them long and filled with numbers or symbols, and we are supposed to have a different one for every account. But that also makes them impossible for most normal people to remember them. And on mobile devices it’s even worse, as typing lots of letters, numbers, and symbols is a laborious process on a virtual keyboard.

Google wants to improve the experience, and they are rolling out developer tools right now that should help eliminate those annoying sign-in experiences, at least for Android users. On its developer blog Google said they are currently rolling out the new services via Google Play, and provided tutorials for developers to implement the new OAuth2 API.

What does it mean to you? As more developers implement OAuth2 it means you will only need to enter a password once into your Android account, and then any webpages or apps that make proper use of the new authentication standard can recognize your mobile device without you needing to keep entering those passwords. Not only will this be a much better user experience, but it should also improve security, since it won’t be nearly as bad to enter a 17 digit password a single time and then be done with it.

It’s possible that these features may eventually extend further into Google’s ecosystem – they already allow you to stay signed in to Google services when you use Chrome on a PC or mobile device, and it’s not hard to imagine them extending these capabilities to the desktop through Chrome at some point. There's at least some hope for everyone else; password security and convenience are killer features, so it’s not hard to imagine Apple, Mozilla, and Microsoft (the other companies that own a mobile OS and a browser) scrambling to implement similar functionality.

source: Google via Android Central