Google has taken the next big step forward in its war against the password – an open source system to instantly and securely log you into apps on your phone using your password manager.
A partnership with Dashlane and other password managers, the new open source project called Open Yolo (You only login once) aims to provide a secure link between third-party android apps and password managers. Using the system, users would only need to log into their password manager to access all their apps, without retyping any usernames or passwords.
Dashlane community manager Malaika Nicholas said: “To stay one-step ahead of the market demand, Google and Dashlane are helping create a seamless, universally-acceptable Android app authentication solution to increase your online security.
“In the future, we see this open API going beyond just Android devices, and becoming universally implemented by apps and password managers across every platform and operating system.”
Many password managers already allow users to login using a smartphone’s accessibility features on Android, which act like another virtual keyboard to type in your login details for you into password boxes, but the implementation is clumsy and not universal. Apple’s iOS has a more integrated solution, allowing password managers to link directly into password boxes, but few apps actually support the feature.
The reusing of simple passwords has become a real problem for security, and while unique passwords under 14 characters are no longer recommended, it is almost impossible for the average user to remember the many passwords they need each day. Biometric security systems that use your fingerprint or iris to identify a user are becoming popular, but cannot be used in every situation.
This partnership with password managers is not the first attempt Google has made to try and devise a system to rid users of password burden. Its push-notification login system, which is currently in use as a two-step authentication tool, recently removed the need for multiple codes for verifying logins to Google products.
The company’s smart lock system built into Android allows for various different ways of logging into a device using the motions of your body, your face, voice or location. Smart lock also allows limited password sharing from those stored in Chrome’s password library.
Meanwhile, the Trust API project is designed to recognise a user from the way they use their device and remove the need for passwords when the user is recognised.
Apple also recently unveiled a new system that allows Apple Watch wearers to log into a Mac laptop simply by being in close proximity to it, removing the need to enter a password to log in.
- Google is making two-step verification less annoying
- Google aims to kill passwords by the end of this year
guardian.co.uk © Guardian News & Media Limited 2010