One picture can unlock all your apps

PhotoLogin lets people take a photo and use it as a password to access their online content.

Alison Vayne Staff writer
Alison is an intern for the summer at CNET News. She is currently attending UC Berkeley's Graduate School of Journalism, where she is focusing on video journalism. She comes from Paris, France, but has been in the U.S. for some time now. She has written about video games and coding programs for kids and San Quentin State Prison inmates. She is based in San Francisco.
Alison Vayne
2 min read
Enlarge Image

LogMeOnce's new feature will give exact information about when and where a request to log in was made.

What if you never had to remember another password again?

That's the promise coming from LogMeOnce, a company that says it can store all your passwords in one secure place and has developed a new feature called PhotoLogin. Just as its name suggests, people's passwords are protected by a picture. If you want to log into a website or an app, all you have to do is snap a photo of that same image using your computer's webcam.

Instead of relying on a computer to figure out if the photo is accurate, LogMeOnce sends the photo to you on another device and asks if it's OK. You say yes, and you're in.

"Traditional passwords are risky, typically weak and are more susceptible to being hacked or duplicated," said Kevin Shahbazi, CEO of LogMeOnce.

The new feature will be available Tuesday. It's free for existing users.

LogMeOnce isn't the only company using photos to unlock your information. Google, for example, has offered facial recognition technology in phones powered by its Android software for the past five years. Just like PhotoLogin, all anyone needs to do is teach the phone what they look like, and then snap a new photo to log in.

Why aren't we all already using our faces to unlock and password protect everything? Well, it doesn't always work. Take FaceLock, a well-regarded app offered in the Google Play store that promises extra security by protecting the apps and other information on a phone unless you snap a photo of your face. It sounds good in theory, but some users say it isn't doesn't function at all times.

SmartApps Mobile, which makes FaceLock, didn't respond to a request for comment.

LogMeOnce contends that it has solved such problems by avoiding all the computer analysis in the first place. When you try to log into a website on a computer, for example, LogMeOnce merely sends a photo taken with the computer's webcam to your phone. From there, you have 60 seconds to confirm you were indeed trying to log in to that site. After that, the photo will be deleted entirely. The next time someone tries to log in, they have to take another photo.

"You approved this access," Shahbazi said. "There was no server involved, there was no robot involved. We actually involved a human."

The "professional" version of the app will also allow people to swipe left and right from the photo to see the exact GPS coordinates of where it was taken, at what time and from what browser. And if your phone is ever stolen, LogMeOnce has added a feature called Mugshot through which, if somebody tries to access your information, the app will take a picture and send it to you along with the location so you can track them down.

The feature is free and available on browser extensions for Chrome, Firefox, Safari on Windows, and Mac and on iOS and Android platforms.