Google has been on a quest to kill the password, so in its latest efforts to further that agenda, the tech giant has now made it possible to log into your Google account on iOS devices by using an Android phone.
The reasoning behind this line of thought is pretty simple: While a long password with a bunch of random letters, numbers, and funky symbols is harder for a hacker to brute force, stronger passwords don’t really protect against other attacks like phishing, data breaches, or people using the same password across multiple accounts.
In fact, in a recent interview with the Verge, Google’s login chief admitted that Google would prefer people use Apple’s recently announced sign-in feature than continue using a regular password. But back to the matter at hand.
For those interested in using Google’s new sign in option on iOS devices, the procedure is relatively simple, but there are a few things you’ll need to do first.
Make sure two-factor authentication is enabled for your Google account and that you’ve added your Android phone as an approved security key.
Turn on Bluetooth on both your Android phone and iOS device if it isn’t on already. (Google uses Bluetooth to ping your Android phone from iOS)
Install Google’s Smart Lock app on your iOS device.
Make sure your Android phone is running Android 7.0 or later.
Once you’ve done all of the above, you can then try to sign in as normal. The difference now is that instead of asking for a password, you will be presented with a prompt on your iOS to check your Android phone, where you will receive a verification message asking if you are indeed trying to sign into your account on a new device.
From there, Google will use the FIDO Alliance’s “Client to Authentication Protocol” (CTAP) to securely complete your login. Sadly, it seems this method only works for your main Google account right now, not third-party apps or services that use Google’s sign-in option, which is something you can do on an Android phone.
For those wondering why you have to download Google’s Smart Lock app instead of using Chrome on iOS, the reason is that Chrome on iOS is based on Apple’s Webkit engine, instead of the Chromium engine, which is what all other versions of Chrome are based on.
And if you’re grumbling about turning on two-factor authentication, well just suck it up. Yes, it’s kind of a hassle, but you really should have it enabled, especially on your core accounts. At this point, it’s the least you can do to protect yourself.