Google's Unguessable URLs
Google secures photos using public but unguessable URLs:
So why is that public URL more secure than it looks? The short answer is that the URL is working as a password. Photos URLs are typically around 40 characters long, so if you wanted to scan all the possible combinations, you'd have to work through 1070 different combinations to get the right one, a problem on an astronomical scale. "There are enough combinations that it's considered unguessable," says Aravind Krishnaswamy, an engineering lead on Google Photos. "It's much harder to guess than your password."
It's a perfectly valid security measure, although unsettling to some.
Posted on July 20, 2015 at 5:25 AM • 73 Comments