Password managers are effective tools that individuals, families, and businesses can use to store and organize the passwords they use for various online accounts. However, some people worry that these apps won’t provide the kind of security necessary to protect their sensitive information from hackers.
I completely understand your hesitation, and I’m here to help! In this handbook, I’ll explain how password managers work, the security measures they include, and how you can strengthen the security of these applications.
What is a password manager?
A password manager is a software application that stores passwords, account logins, IDs, and other private information securely on your computer, phone, and tablet. Many password managers allow you to log into all of your accounts automatically and input your information into form fields without any effort.
How do password managers work?
Usage – Password managers like Dashlane generally offer to remember your passwords as you browse the web, so getting started really isn’t that different from your normal online routine. As you create more accounts for home and work, your password manager can also generate strong passwords and remember those credentials for you. Really good password managers even have import features that let you grab all the passwords stored in your web browsers in seconds. Once you have a few passwords in your password manager, it will fill them accurately and automatically, so you don’t have to spend time typing, remembering or resetting them ever again.
Protection – Although you’ll never have to worry about memorizing your passwords ever again with a password manager, there’s just one password you do need to remember: your Master Password. Think of your Master Password as a key that unlocks your personal data; without it, neither you nor any hacker can access any of your saved data. A really safe password manager requires strong Master Passwords and won’t store any part of your Master Password so you can rest assured that your data cannot be accessed by anyone but you.
Storage – Password managers differ with regard to how they store your passwords and the different types of technology they use to protect the passwords you store. As one of the most advanced cloud-based password managers in the industry, Dashlane’s password manager allows users to choose whether they would like to store their data locally on their device or have their data backed up on their servers, protected by encryption, and synced across multiple devices. Did you know that not even a Dashlane employee can crack your private data and passwords stored on its servers?
Advantages – There are many advantages to using password managers – the convenience of autofilling passwords for you and always having them at your fingertips are a couple of big ones. But the primary reason to use a password manager is to generate and use long (definitely greater than 12 characters), random (never based on patterns, personal data, or common words) passwords for every account (no more re-using passwords!) using a system that makes these secure practices even easier than your normal routine!
How does one master password protect all of my accounts?
Your Master Password is the first line of defense protecting your passwords. For this reason, many password managers, including Dashlane, never store your Master Password (or any parts of it) on their servers. This is known as a “zero-knowledge protocol”, and it ensures that your Master Password and your stored data are as safe as they can be. As a result, in the unlikely event that Dashlane’s servers are compromised, you won’t have to worry about your stored data falling into the wrong hands.
Are my passwords safe in a cloud-based password manager?
Yes! Using a cloud-based service for password management is quite secure. Advanced password managers use Secure Sockets Layer (SSL) to securely transfer data between the server and the client, in addition to using AES-256 –the strongest encryption standard in the industry– to encrypt your data.
Dashlane is also the first and only password manager with a U.S. Patented Security Architecture, which encrypts all of your stored data with AES-256 and adds another layer of security and convenience by enabling two-factor authentication (2FA); it’s also the first password manager to support the FIDO Alliance’s Universal Second Factor (U2F) authentication standard and works with U2F-enabled YubiKeys by Yubico.
What does a password manager protect me from?
Password managers protect you from several different online threats:
Identity theft & phishing – If you visit a malicious website or use an unverified browser that the password manager doesn’t recognize, it won’t autofill in any of your payment or personal information. For additional protection, by default, Dashlane will ask you for your Master Password before entering your payment information on a checkout page.
Data compromise – Advanced password managers will immediately notify you of a data breach or compromised website with security alerts.
Password attacks – Hackers use several methods to steal or crack weak passwords. Common strategies include brute force attacks, dictionary attacks, rainbow table attacks, and phishing attacks. Password managers help you create strong, unique passwords that can withstand sophisticated password attacks.
Time-consuming password resets and failed logins – You have better things to do with your day than resetting passwords over and over again. Password managers are designed to save you time, boost your productivity, and eliminate password-related hassles.
What features should I look for in a password manager?
Here are a few features you should look for in a password manager:
Cross platform – Your password manager work on multiple devices and operating systems. For starters, look for a password manager that supports Android, Apple, and Windows devices, as well as wearables and tablets.
Browser extensions – To use your password manager’s autofill and autologin features, it should have a browser extension available for the browser of your choice. Most of the advanced password managers support popular browsers, including Firefox, Chrome, Safari, and Internet Explorer.
Secure notes – Password managers do more than just secure passwords. They also allow you to store all kinds of data, like your legal documents, wifi information, or a simple grocery shopping list. Choose a password manager with a secure notes feature, which will allow you to share this data safely with friends, family, and colleagues.
Digital wallet – Although it’s convenient to save your payment information into your favorite e-commerce websites, it also poses a huge security risk. Make sure your credit and debit card information is protected at all times by storing it in your password manager’s digital wallet. Dashlane’s Digital Wallet protects your payment information with the same military-grade encryption protecting your passwords and it is universally accepted on all checkout pages.
Password generator – To help you create stronger passwords, your password manager must have a Password Generator. Some password managers will give you the option of generating passwords on a registration page, within its browser extension, or within the app itself.
Automatic password changer – Password Changer is a feature exclusive to Dashlane that allows users to automatically change a password in one click, without having to leave their desktop app! It comes in handy whenever you need to change a password quickly after a security breach or hack has occurred.
What other security features should my password manager have?
Using a password manager is an excellent way to keep track of all of your passwords and protect your online accounts from hackers. However, security risks always exist. Here are the features that can help strengthen the security of your password manager:
Biometrics – Some password managers allow you to use biometrics, such as a fingerprint reader, instead of having to type in your Master Password. If you have an Android or iOS device, you can access your Dashlane account with Apple TouchID or Android’s Fingerprint Scanner.
Two-factor authentication – Two-factor authentication (2FA) involves adding an extra step to your login process. For example, you may be required to enter a code delivered to your phone via SMS in addition to your Master Password.
Local data storage – If you’re worried about your data being “stored in the cloud,” you can choose to keep your encrypted data purely local – i.e. only on your device.
Customizable security settings – Dashlane has special settings that can help boost your security. For example, you can ask Dashlane to make you enter your Master Password again when accessing sensitive data, enable automatic log out, or require Dashlane to verify the identity of a legitimate web browser.
Hardware-based password protection – Another increasingly popular security measure is supporting hardware-enhanced security technology. For instance, Dashlane will support Intel® Software Guard Extensions (SGX) a powerful new technology that takes password protection to the very core of PC devices–the silicon.
Password managers will help you improve the security of your accounts, keep your passwords organized and provide you with quick, convenient logins. As long as you choose the right application and use it appropriately, you’ll be far more secure using this tool.