Ad Image

LogMeOnce Password Manager Adds ‘Passwordless’ 2FA With Photos

Photo password logmeonce
Photo password logmeonce

Creative Commons

Cloud-based password manager and 2FA provider LogMeOnce has announced a new feature that allows users to log in to any website with a photo.

LogMeOnce’s patented PhotoLogin technology is now one of four login options offered by LogMeOnce. Other options includeFingerprint Biometrics, PIN and password.

LogMeOnce claims that their “PasswordLess PhotoLogin” MFA approach “revolutionizes login and authentication behavior”, and “greatly improves security and reduces the risk of hackers by employing Multi-Factor Authentication (MFA) that users authenticate themselves.”

Users gain access to their account with PhotoLogin by taking a photo on their desktop and approving (or rejecting) the photo on a chosen trusted mobile device.

Forrester Wave Report B2E Cloud IAMThe Forrester Cloud IAM (IDaaS) Wave Report is here.

  •  Full B2E Cloud IAM Market Overview
  • Three Top Vendors Compete For Market Supremacy
  • Vendor Profiles: Leaders, Strong Performers & Contenders
  • Evaluating Market Direction and Vendors’ Future Plans
  • Evaluation Criteria: Current Offering, Strategy and Market Presence

Download Now

“Traditional passwords are risky, typically weak and are more susceptible to be hacked or duplicated,” says Kevin Shahbazi, CEO of LogMeOnce. “Even protecting passwords with a second factor of authentication (2FA) doesn’t make you invincible to hacks. By default, PhotoLogin adds a third-factor of authentication and lets users authenticate themselves to ensure that login information cannot be duplicated, making this feature one of the strongest layers of defense against hackers.”

PhotoLogin works in three steps:

  1. Click the PhotoLogin icon on the LogMeOnce desktop home screen to snap a picture of yourself or anything near you to reference your current location identifiable to you.
  2. The photo is then sent to your mobile device for you to verify or reject the image. Users can also access data such as IP Address, GPS Location and time stamp.
  3. Once you have clicked “Allow” on your mobile device, you are free to start browsing on a desktop.

Essentially, this process mirrors other SMS 2FA processes but replaces a one-time passwords with personalized photos, which could be harder for hackers to intercept.

Each photo expires in 60 seconds and “self-destructs” after the very first use, according to LogMeOnce, so your photo “password” is unique every single time.

 

Share This

Related Posts