Applications

Google wants to help you manage your passwords

The search giant intends to use password managers to log you in to your Android apps, a process that could expand to other devices and operating systems.

password-manager-promo.jpg

Via a new Google project, you eventually may not have to remember the passwords to your apps or websites.

Matt Elliott/CNET

Google is looking to rid you of the burden of remembering passwords.

Password manager Dashlane said Thursday it's partnering with Google on a project that will enable Android users to easily and securely log in to their mobile apps via stored passwords. It's called Open Yolo -- you only log in once. The project would involve other companies that make password managers, which automatically create, store and apply passwords for websites so you don't have to remember them.

Passwords have become a necessary evil for logging in to websites and apps. It's tough to create and recall them, and they're not fail-safe. Other security methods, such as fingerprint and iris scanning, are simpler and more secure, but they're still in their infancy. Integrating password managers directly into your website and app logins could prove to be the best solution.

Password managers are a viable way to avoid dealing with passwords. But multiple password managers -- including Dashlane, Roboform, LastPass and 1Password -- all try to do essentially the same job. Which one should you use? Well, the goal behind Open Yolo is to come up with a single, more seamless login process that taps into whichever password manager you use.

So far, such leading password managers as 1Password, LastPass, Keeper and KeePass are either already participating in the project or have expressed a strong interest in it, a Dashlane spokeswoman told CNET. One password manager ideal for the project is Smart Lock, a tool already built into your Google account. Introduced last year, Smart Lock can automatically log you in to an Android app and apply your username and password to websites opened through the Chrome browser.

Open Yolo currently exists as an open API (application programming interface), which allows app developers to support different password managers. Any maker of a password manager can contribute its own technology and expertise to try to enhance and develop the API. With the open API, a password-protected app would be able to query other sources of credentials -- such as Dashlane, another password manager or even another browser -- if it contains a credential for the app, the spokeswoman said.

"The big picture is to make password managers more proactive and more transparent, which means it will be seamlessly available every time you need it," the spokeswoman said. "This project is the first big step towards making security simple and accessible for every user, on every device."

Google is expected to approve the API by next month.

For now, Open Yolo's focus is to create a login process for Android apps, but the project has bigger aspirations.

"In the future, we see this open API going beyond just Android devices, and becoming universally implemented by apps and password managers across every platform and operating system," Dashlane said in Thursday's blog post. "Ultimately, we look forward to expanding this collaborative project, so that it will benefit the entire security ecosystem as a whole."

Updated at 2 p.m. PT with comments from a Dashlane spokeswoman clarifying some details of the project.