Yahoo Account Key is just a less-secure two-factor authentication

Yahoothinks it knows how to eliminate passwords.

On Thursday, the company unveiled a password-free sign-in experience calledYahoo Account Key. The service uses push notifications let people into their accounts.

Account Key sends a prompt to a user’s phone whenever they sign in. The notification allows the person to grant or deny access to their account.

Account Key is essentially a streamlined version oftwo-factor authentication without the first factorthe password itself. The whole idea of 2FA is to require two pieces of information that confirm the identity of the userin most cases, a password and a temporary code sent to a phone or tablet.

Yahoo’s approach relies on the phone’s own login securitya PIN code or fingerprintas the second factor.

If you lose your phone, you’ll still be able to get past Account Key and into your account by verifying your identity through an alternate email or phone number.

Earlier this year, Yahoo previously rolled out a login system called “on-demand passwords” that sent a temporary verification code to a phone that could act in place of a password. With Account Key, Yahoo has taken things one step further.

A revamped version of Yahoo Mail is the first service to get the new Account Key authorization system. Yahoo intends to add it to other apps in the future.

H/T Reuters | Photo via Scott Schiller/Flickr (CC BY 2.0)

Read more: