Recently, I was out of town. There was no signal in that area. So, I had to go to this cybercafé.I typed into the password box with a sign, fearing a hacking attempt. As you know, public computers can be loaded with malicious softwares like Keyloggers, Trojans, etc. Nowadays, these are the only ways people can crack into your account. Also read: How secure is your email account?
When I came back, I had this idea that an email services (say gmail) can implement. The idea of an extra password. Let me explain:
You’ll have 2 passwords –
1) Admin password
2) Extra password (that can be configured after you register)
Here’s a scenario where you are using a public computer with a keylogger installed. How you rescue your account with the extra password.
You login to your email account using the extra password. The hacker gets your password (Keylogging, peeking … something). They hack into your account. They’ll have a peek around your emails.
When you comeback home, you login with your admin password. The mail service tells you that someone has logged in using the extra password these many times. You’ll know if it was you.
If someone did hack into your account. You change the extra password using the settings menu. You look into the IP log, and maybe send it to the cops.
If you do implement it, a credit would be appreciated.