August 7, 2016 weblog
Dashlane, Google in open source password manager project
(Tech Xplore)—PC and tablet warriors who must access files and applications for work and for play tolerate their password rituals whether dozens or more times a day. Painful as entering passwords may be—forgetting some passwords, hitting the wrong keys trying to enter on others, leaving caps lock on—they offer security.
Passwords are necessary if you want to join life on the Internet. "If you are someone who spends a lot of time on the Internet, you probably have a ton of different ids at different websites, and if you follow along advice, a ton of different passwords as well. More than likely, you are also using a password manager, because it is difficult for us to remember all of this detail accurately all the time," said Aamir Siddiqui in XDA Developers.
For those who do use password managers, the interesting development now is that Dashlane, a password management business, and Google have put their heads together to set up an open source API project. This is aimed at making app logins for Android users simple yet secure.
The Open YOLO project as it is called will let apps access your password manager of choice. This is an easy to remember name for the undertaking—Open YOLO (You only Login Once).
Associate Editor Steve Dent in Engadget said that "you can log into apps automatically with no typing or insecure autofill. Dashlane is spearheading the venture in cooperation with other password managers..." Jose Vilches inTechSpot spelled out how this is going to work.
"The main idea is to allow any app built using the OpenYOLO API to access passwords stored in password managers that support the standard. Presumably once you sign in to whatever compatible password manager is on your device, you'll be automatically signed in to the apps on your device without having to input your password multiple times."
(Steve Dent remarked how "Details are light on how it works, but we assume you'd log in once to your password manager then get access to all apps that support Open YOLO.")
The Dashlane blog posted on August 4 by Malaika Nicholas announced the project. Actually, other "leading password managers" are also getting involved in the collaboration, she said.
The blog described this as an open API for app developers. It gives Android apps the ability to access passwords stored in the user's favorite password manager, and logs the user into those applications.
Vilches inTechSpot said that "OpenYOLO won't be limited to Dashlane or eventually even Android for that matter...The company also hopes to make the API available on other platforms over time."
Meanwhile, Gabriel Avner in Geektime covered the question of what good are password managers. Do you really want them in your life?
"For those who are perhaps a bit less security conscious (read paranoid) and are unfamiliar with password managers, they provide a nifty way to generate and store strong passwords without the need to remember them by heart or write them down on slips of paper."
Avner also said, "Understandably, not everyone is comfortable with the idea of forking over all of your passwords to a single database that if cracked could expose them to unwanted intrusions of privacy or harm. However the alternative to password managers is not really much of an option."
Ben Schoon in 9to5Google said that Google will likely be releasing more information on this API in the near future.
© 2016 Tech Xplore