Saphire Lattice

TIL of OpenYOLO - "You only login once"

Basically.. proto-FIDO2 but it directly let pages request a password from an authenticator lmao. And save credentials too, not unlike a passkey.

https://openid.net/specs/openyolo-android-03.html

https://github.com/openid/OpenYOLO-Web

What a silly old thing, sheesh. Is this what modern webauthn was born from, or was that a parallel effort?

Glad we have better stuff now that uh, wouldn't get popped from the first XHR that gets found for a site

#passkeys #fido2 #webauthn

OpenYOLO for Android

OpenYOLO for Android is a protocol for retrieving, updating and assisting in the creation of authentication credentials. This document describes the core concepts of OpenYOLO, and the platform-specific details for implementing the OpenYOLO protocol on Android. What's in a name? YOLO stands for "You Only Login Once", which is the internal code-name for Google's Smart Lock for Passwords API on Android. OpenYOLO is the open standards successor to YOLO, and came to be as a result of an initial collaboration between Google and Dashlane. OpenYOLO leverages the lessons learned from YOLO, and also ensures that implementations of OpenYOLO can compete on a level playing field. OpenYOLO would not have been likely to succeed without AgileBits, Keeper Security and LastPass, to whom we are grateful for their continued support and engagement.

Mar 22 at 7:26pmWeb