Yahoo is introducing “on-demand” email passwords built on phone notifications, thus eliminating the need to remember a fixed password. Access to Yahoo Mail is now provided through a service similar to “two-step verification”. The latter is a security measure employed by many other service providers, but Yahoo removed the first step.

As you know, the two-step verification is when a user logs in with their fixed password, after which the service provider sends a unique code to their mobile phone to make sure the user has access to a trusted device (in this case, a mobile phone) and allow the access to the service. However, Yahoo will not ask the users to enter a fixed password first, sending them a 4-letter password to a mobile phone right away.

The Californian tech giant announced that it was taking the first steps to eliminate passwords. Those users who don’t want to memorize passwords to their Yahoo Mail anymore should take the following steps: sign in to their Yahoo.com account; click on their name at the top right corner and proceed to their account information page; once there, choose “Security” in the left bar and click on the slider saying “On-demand passwords” to opt-in. Here the user will need to set up a trusted device: enter a mobile phone number to receive a verification code from Yahoo and confirm its receipt.

The company emphasized that such “on-demand” passwords are not mandatory for all users – those with good memory can continue to enjoy their fixed passwords. Besides, the service is now only available in the United States. Apart from announcing their new security system, Yahoo also introduced its forthcoming project on end-to-end encryption, which will be based on Google’s alpha Chrome PGP encryption plugin. The company is going to implement the new service in fall 2015.