Login on phone where TeddyID app is installed

Anton Churyumov, 19.03.2015.

Now you can log in to sites from the same phone where TeddyID app is installed. Previously it wasn't possible because we required to scan a QR code with a separate device. So if you have two devices, e.g. iPad and iPhone, with TeddyID app installed on your iPhone, you could safely log in to sites on your iPad by confirming logins with your iPhone, but you couldn't log in to sites in iPhone's browser.

Now, if you open a site in the same device where TeddyID app is installed, you will be presented with the regular pairing screen that includes a QR code as usual, but instead of scanning the QR code, you can just tap it. TeddyID app will start automatically and request you to confirm pairing. After you approve the request, you'll additionally confirm pairing by clicking a link sent to your email (if you have email address in your profile), and you will be logged in.

By default, when you are browsing the web on the same device where TeddyID app is installed, you cannot log in to sites with simple Yes/No requests, you have to tap the QR code and confirm your email each time. However, if you feel that 2-factor security is not required for a particular site, or you enabled PIN code in the app that protects it even if you lose your phone, then you can enable Yes/No requests on the same device for that particular site by editing its settings in your sites list.

Now you can also use TeddyID Password Manager on the same phone where TeddyID app is installed. However, since the current mobile browsers have no or limited support for browser extensions, using the password manager in phones/tablets is slightly more involved than on desktop OSes. You need to install a bookmarklet in the mobile browser, then on each page where you want to save or use a password you activate the password manager by opening the bookmarklet, then use the password manager as usual. Unfortunately, the trick won't work for some sites that use CSP (content security policy), one example is github.com, however most of the sites do allow to activate our password manager by opening the bookmarklet.