nav search
Data Center Software Security Transformation DevOps Business Personal Tech Science Emergent Tech Bootnotes BOFH

Google launches native Android Smart Lock password manager

Look out LastPass: Devs can shunt creds into OS vault

By Darren Pauli, 29 May 2015

Google I/O Android users will be able to store passwords in Google's native Smart Lock manager, in a security boon for the masses.

The Choc Factory launched the Smart Lock for Passwords at the I/O conference in San Francisco overnight available in the Android M developer preview.

It says developers including Orbitz, Netflix, and The New York Times have relaunched their apps to make use of the feature.

"By integrating Smart Lock for Passwords into your Android app, you can automatically sign users into your app using the credentials they have saved," the company says in a developer's guide.

"Use successfully retrieved credentials to sign the user in, or use the Credential API to rapidly on-board new users by partially completing your app's sign in or sign up form.

"Prompt users after sign-in or sign-up to store their credentials for future automatic authentication."

Netflix Smart Lock Password vault

Developers can store and retrieve usernames and passwords within Smart Lock including federated identity provider credentials using the Credential API..

With this release Google takes itself into competition with proprietary and open source password managers and also extends the Chrome browser password manager which retrieved logins when users visited respective websites in that browser.

Google announced other initiatives to tighten security screws including the ability to approve or decline specific app permission requests, rather than the present all-or-nothing approval process.

The finer-grained permissions regime is reminiscent of the unstable and since scuttled App Ops hidden feature in Android 4.3 which was nixed after its discovery. ®

The Register - Independent news and views for the tech community. Part of Situation Publishing