Dashlane, Google in open source password manager project

Dashlane, Google in open source password manager project

(Tech Xplore)—PC and tablet warriors who must access files and applications for work and for play tolerate their password rituals whether dozens or more times a day. Painful as entering passwords may be—forgetting some passwords, hitting the wrong keys trying to enter on others, leaving caps lock on—they offer security.

Passwords are necessary if you want to join life on the Internet. "If you are someone who spends a lot of time on the Internet, you probably have a ton of different ids at different websites, and if you follow along advice, a ton of different as well. More than likely, you are also using a , because it is difficult for us to remember all of this detail accurately all the time," said Aamir Siddiqui in XDA Developers.

For those who do use password managers, the interesting development now is that Dashlane, a password management business, and Google have put their heads together to set up an open source API project. This is aimed at making app logins for Android users simple yet secure.

The Open YOLO project as it is called will let apps access your password manager of choice. This is an easy to remember name for the undertaking—Open YOLO (You only Login Once).

Associate Editor Steve Dent in Engadget said that "you can log into apps automatically with no typing or insecure autofill. Dashlane is spearheading the venture in cooperation with other password managers..." Jose Vilches inTechSpot spelled out how this is going to work.

"The main idea is to allow any app built using the OpenYOLO API to access passwords stored in password managers that support the standard. Presumably once you sign in to whatever compatible password manager is on your device, you'll be automatically signed in to the apps on your device without having to input your password multiple times."

(Steve Dent remarked how "Details are light on how it works, but we assume you'd log in once to your password manager then get access to all apps that support Open YOLO.")

The Dashlane blog posted on August 4 by Malaika Nicholas announced the project. Actually, other "leading password managers" are also getting involved in the collaboration, she said.

The blog described this as an open API for app developers. It gives Android apps the ability to access passwords stored in the user's favorite password manager, and logs the user into those applications.

Vilches inTechSpot said that "OpenYOLO won't be limited to Dashlane or eventually even Android for that matter...The company also hopes to make the API available on other platforms over time."

Meanwhile, Gabriel Avner in Geektime covered the question of what good are password managers. Do you really want them in your life?

"For those who are perhaps a bit less security conscious (read paranoid) and are unfamiliar with password managers, they provide a nifty way to generate and store strong passwords without the need to remember them by heart or write them down on slips of paper."

Avner also said, "Understandably, not everyone is comfortable with the idea of forking over all of your passwords to a single database that if cracked could expose them to unwanted intrusions of privacy or harm. However the alternative to password managers is not really much of an option."

Ben Schoon in 9to5Google said that Google will likely be releasing more information on this API in the near future.


Explore further

Should you worry about 32 million hacked Twitter passwords?

© 2016 Tech Xplore

Citation: Dashlane, Google in open source password manager project (2016, August 7) retrieved 25 August 2019 from https://techxplore.com/news/2016-08-dashlane-google-source-password.html
This document is subject to copyright. Apart from any fair dealing for the purpose of private study or research, no part may be reproduced without the written permission. The content is provided for information purposes only.
11 shares

Feedback to editors

User comments

Aug 08, 2016
Regarding this part:
"The main idea is to allow any app built using the OpenYOLO API to access passwords stored in password managers that support the standard. Presumably once you sign in to whatever compatible password manager is on your device, you'll be automatically signed in to the apps on your device without having to input your password multiple times."

I have a feeling someone is going to try to access passwords for *other* apps by faking their own credentials to look like those of the intended target app. (hmm...that might work even with today's password managers). Password managers are nice (I use on myself), but I'm not fully convinced they are secure.

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more