Google working on transferring SMS One Time Passwords from your phone to your PC

Gandalf_The_Grey

Level 53
Verified
Trusted
Content Creator
Apr 24, 2016
4,234
41,288
It is a very common experience to have to verify your identity on the desktop web by having to enter a passcode sent via SMS to your smartphone. Often this involved having to dig up your phone and accurately copy over the code.

With Chrome 93, Google is working on the ability for your desktop browser to automatically read the code sent to your Android phone.

Chrome 93 supports the WebOTP (Web One Time Password) interface, so if websites also use the technology, your web browser will automatically detect that your phone has received the code.

For this of course you need an Android phone, and both your handset and desktop browser must be signed into the same Google account.

You can try out the feature now with Chrome 93 beta at this demo page here.

Unfortunately, the feature is dependent on the Chromium web engine and is currently unsupported on iOS.
 

rain2reign

Level 6
Jun 21, 2020
293
1,869
I guess another reason Google wants us to exclusively use their browser with all its privacy issues.

It has often been mentioned on the web that SMS can be intercepted compared to other 2FA methods .
Rather than inception being worrisome, on the contrary, it's worrisome about the fact that the SMS is sent in (open) plain text. Especially so, since Bluetooth and NFC can also be intercepted, while those technologies are used for wireless payment and data transfers which in my opinion is of a more sensitive (important?) nature. The difference between those two and SMS is both interception range and needing access to the Cell Tower (with climbing equipment mind you).
 
Last edited:

SearchLight

Level 12
Verified
Jul 3, 2017
591
1,771
Rather than inception being worrisome, on the contrary, it's worrisome about the fact that the SMS is sent in (open) plain text. Especially so, since Bluetooth and NFC can also be intercepted, while those technologies are used for wireless payment and data transfers which in my opinion is of a more sensitive nature. The difference between those two and SMS is both interception range and needing access to the Cell Tower (with climbing equipment mind you).

That being said is why Signal Messenger is often mentioned for more security in regards to SMS but the caveat is that all your contacts and/or receipients must have the app installed on their phones for secure SMS to work well.
 
Top