Google's YOLO Password Manager Promises "You Only Log-in Once"
Android developers will now be able to make their apps find their login data in a password manager.
Google and Dashlane have partnered to give the acronym YOLO a slightly new meaning. The Open YOLO — “You Only Login Once” — API to remove the last excuse for not using a password manager.
“To stay one-step ahead of the market demand,” Dashlane wrote in its announcement of the API, “Google and Dashlane are helping create a seamless, universally-acceptable Android app authentication solution to increase your online security.”
In simpler terms, this means that Android developers will now be able to make their apps find their login data in a password manager, request access to that data, and use it. This is much more convenient than copying an item from a password manager, switching to the other app, and pasting it in a text field.
This means that more people can use a password manager without having to worry about being frustrated when they try to sign in to an app. That’s good news, because using a password manager is currently the easiest way to make sure your most personal information isn’t going to be compromised by a weak password.
People suck at coming up with passwords, especially if they have to replace them on a regular basis. That’s why many people use “password,” “12345678,” or some variation of a password like “ZeldaFan88” or “ZeldaFan89” on multiple sites.
Those passwords are easy to remember, but they’re also easy to guess. And even if a password is less simple, like “Rf*3PJ,6Ba,” using it across multiple websites means that a security breach on any of those sites puts all of the others at risk. The solution: Tools that create and remember passwords that are truly secure.
So if a 19-year-old Windows bug reveals your Microsoft account password, for instance you don’t have to worry about that same password being used to access your Facebook account. One failure doesn’t result in a disaster.
Password managers also have some benefits over biometric security, not least of them being the fact that hackers can’t 3D print a password to access your phone. That can’t be said for biometric security, as horrifying as that seems.
The problem is getting information out of password managers. This is easy in a web browser — most password managers offer extensions that can automatically fill information — but harder in applications. Open YOLO promises to address that issue so people don’t get frustrated and give up on improving their cybersecurity.
“This project is the first big step towards making security simple and accessible for every user, on every device,” Dashlane writes in its announcement. “In the future, we see this open API going beyond just Android devices, and becoming universally-implemented by apps and password managers across every platform and operating system. Ultimately, we look forward to expanding this collaborative project, so that it will benefit the entire security ecosystem as a whole.”
Plenty of companies are trying to kill password-based security mechanisms. But each of those systems has their own drawbacks, and until people settle on a replacement that works for everyone no matter what device they use, passwords are here to stay. Companies like Dashlane and Google might as well make them more secure.
Full Disclosure: I worked in the customer support department for 1Password, a competitor to Dashlane, for two months between April 2016 and June 2016.