There are a lot of dumb password rules, and even apps or extensions that claim to help you navigate these 8-20-character log-ins (all with different criteria) have been prone to data breaches or, at the very least, a frustrating user experience.
Parteek Saran thinks he has a solution. A former Google employee (who also, randomly, helped set up an app for Lady Gaga’s 2013 album ARTPOP), Saran thinks instead of scolding or reshaping user behavior around passwords, it’s up to the tech side to find a better and more convenient way to offer security and password management.
So he created Uno, a new Andreessen Horowitz-backed password manager that’s just as much about design and social networking as it is about log-in security. “Security is a chore,” Saran tells InsideHook. “If we wanna get adoption, we need to flip how we think about security.”
What Do You Do When Your Password Manager Gets Hacked?The latest hacking at LastPass means it’s time to up your online security yet again
The impetus for Uno was actually when Saran himself got compromised. “I had a bad password on my Gmail,” admits the former Google employee. “The irony is that at Google they enforce strong security practices, but I had never practiced those guidances in my personal life. I realized I didn’t understand the rules or the guidance, even though I came from tech.”
Uno’s solution is to make password management…kinda fun? “We emphasize design,” he explains. “We don’t spend that much time emphasizing the password manager part. A lot of security can feel really technical. So we talk more about reducing friction on the web, about making log-ins one click or being faster than what’s out there. We’re designing this for regular folks.”
Uno offers a number of unique functions within its password security framework. In lieu of a passphrase or a more complex workaround if you lose your device or access to your Uno account, the company offers what they call a social recovery plan, where you can entrust friends and family to help you recapture your information. And with Peekaboo, it provides a shortcut to those annoying (but secure) two-factor authentication log-ins; instead of hunting through your email, Peekaboo shows you that one-time password in the corner of your webpage, so you never have to leave your browser or tab.
At the same time, Uno also does all the things that you want a password manager to accomplish: It’s a central hub for all your passwords that will eventually work across all your devices. Ideally, you’ll be able to sign into any of your preferred sites with a single click (and also get addresses and credit card info automatically filled out on different websites). It can also secure your crypto keys and import passwords from other managers.
Obviously, the first thing a password manager should offer is actual security. To that end, Uno promises they never have access to your private logins, browsing data or emails; all authentication happens locally on your devices. They also utilize what they call “best practice elliptic curve 25519 cryptographic algorithms” to encrypt data and to sign messages between components and users within their system. “Your secret data is mathematically indistinguishable from random noise,” they claim.
Currently, Uno is available for Mac, iOS and the Chrome browser. By design, it’s a bright app — there are lots of colors and big buttons, and it looks a bit more like an exercise or productivity app than a password manager. When I added a device (via QR code) to my account, a celebratory explosion of fireworks, tiny locks and signs that said “cool” bounced across my screen.
Are all these bells and whistles going to make me give up Dashlane, my password manager of choice for nearly 11 years? I admittedly haven’t spent enough time with Uno to figure out if the switch is worth it; Dashlane’s free tier has been fine (secure, if a bit wonky in filling out certain passwords and other website prompts) and coupled with my various browser and phone password managers, I’m content.
But if I were new to the world of password managers, I might start with Uno. It’s certainly more eye-catching and a bit less clinical than other password managers while fulfilling the same role…which is not having to remember your 15-character login to Banana Republic (that needs an uppercase letter, lowercase letter and a special character) that you’ll inevitably forget and have to reset. And you’ll inevitably wind up choosing something you can remember, which isn’t necessarily safe.
“Not using a strong password because you feel like you’re losing control is a real thing,” says Saran. “If this a common behavior, how do we design for it and keep you secure? Our goal is that if you don’t understand the technology, we want to make password management easy and accessible while keeping you safe.”
This article was featured in the InsideHook newsletter. Sign up now.