The Essential 2017 Handbook to Choosing a Password Manager

Password managers are effective tools that individuals, families, and businesses can use to store and organize the passwords they use for various online accounts. However, some people worry that these apps won’t provide the kind of security necessary to protect their sensitive information from hackers.

I completely understand your hesitation, and I’m here to help! In this handbook, I’ll explain how password managers work, the security measures they include, and how you can strengthen the security of these applications. 

What is a password manager?

A password manager is a software application that stores passwords, account logins, IDs, and other private information securely on your computer, phone, and tablet. Many password managers allow you to log into all of your accounts automatically and input your information into form fields without any effort.

How do password managers work?

Usage – Password managers like Dashlane generally offer to remember your passwords as you browse the web, so getting started really isn’t that different from your normal online routine. As you create more accounts for home and work, your password manager can also generate strong passwords and remember those credentials for you. Really good password managers even have import features that let you grab all the passwords stored in your web browsers in seconds. Once you have a few passwords in your password manager, it will fill them accurately and automatically, so you don’t have to spend time typing, remembering or resetting them ever again.

Protection – Although you’ll never have to worry about memorizing your passwords ever again with a password manager, there’s just one password you do need to remember: your Master Password. Think of your Master Password as a key that unlocks your personal data; without it, neither you nor any hacker can access any of your saved data. A really safe password manager requires strong Master Passwords and won’t store any part of your Master Password so you can rest assured that your data cannot be accessed by anyone but you.

Storage – Password managers differ with regard to how they store your passwords and the different types of technology they use to protect the passwords you store. As one of the most advanced cloud-based password managers in the industry, Dashlane’s password manager allows users to choose whether they would like to store their data locally on their device or have their data backed up on their servers, protected by encryption, and synced across multiple devices. Did you know that not even a Dashlane employee can crack your private data and passwords stored on its servers?

Advantages – There are many advantages to using password managers – the convenience of autofilling passwords for you and always having them at your fingertips are a couple of big ones. But the primary reason to use a password manager is to generate and use long (definitely greater than 12 characters), random (never based on patterns, personal data, or common words) passwords for every account (no more re-using passwords!) using a system that makes these secure practices even easier than your normal routine!

How does one master password protect all of my accounts?

Your Master Password is the first line of defense protecting your passwords. For this reason, many password managers, including Dashlane, never store your Master Password (or any parts of it) on their servers. This is known as a “zero-knowledge protocol”, and it ensures that your Master Password and your stored data are as safe as they can be. As a result, in the unlikely event that Dashlane’s servers are compromised, you won’t have to worry about your stored data falling into the wrong hands.

Are my passwords safe in a cloud-based password manager?

Yes! Using a cloud-based service for password management is quite secure. Advanced password managers use Secure Sockets Layer (SSL) to securely transfer data between the server and the client, in addition to using AES-256 –the strongest encryption standard in the industry– to encrypt your data.

Dashlane is also the first and only password manager with a U.S. Patented Security Architecture, which encrypts all of your stored data with AES-256 and adds another layer of security and convenience by enabling two-factor authentication (2FA); it’s also the first password manager to support the FIDO Alliance’s Universal Second Factor (U2F) authentication standard and works with U2F-enabled YubiKeys by Yubico.

What does a password manager protect me from?

Password managers protect you from several different online threats:

Identity theft & phishing – If you visit a malicious website or use an unverified browser that the password manager doesn’t recognize, it won’t autofill in any of your payment or personal information. For additional protection, by default, Dashlane will ask you for your Master Password before entering your payment information on a checkout page.

Data compromise – Advanced password managers will immediately notify you of a data breach or compromised website with security alerts.

Password attacks – Hackers use several methods to steal or crack weak passwords. Common strategies include brute force attacks, dictionary attacks, rainbow table attacks, and phishing attacks. Password managers help you create strong, unique passwords that can withstand sophisticated password attacks.

Time-consuming password resets and failed logins – You have better things to do with your day than resetting passwords over and over again. Password managers are designed to save you time, boost your productivity, and eliminate password-related hassles.

What features should I look for in a password manager?

Here are a few features you should look for in a password manager:

Cross platform – Your password manager work on multiple devices and operating systems. For starters, look for a password manager that supports Android, Apple, and Windows devices, as well as wearables and tablets.

Browser extensions – To use your password manager’s autofill and autologin features, it should have a browser extension available for the browser of your choice. Most of the advanced password managers support popular browsers, including Firefox, Chrome, Safari, and Internet Explorer.

Secure notes – Password managers do more than just secure passwords. They also allow you to store all kinds of data, like your legal documents, wifi information, or a simple grocery shopping list. Choose a password manager with a secure notes feature, which will allow you to share this data safely with friends, family, and colleagues.

Digital wallet – Although it’s convenient to save your payment information into your favorite e-commerce websites, it also poses a huge security risk.  Make sure your credit and debit card information is protected at all times by storing it in your password manager’s digital wallet. Dashlane’s Digital Wallet protects your payment information with the same military-grade encryption protecting your passwords and it is universally accepted on all checkout pages.

Password generator – To help you create stronger passwords, your password manager must have a Password Generator. Some password managers will give you the option of generating passwords on a registration page, within its browser extension, or within the app itself.

Automatic password changerPassword Changer is a feature exclusive to Dashlane that allows users to automatically change a password in one click, without having to leave their desktop app! It comes in handy whenever you need to change a password quickly after a security breach or hack has occurred.

What other security features should my password manager have?

Using a password manager is an excellent way to keep track of all of your passwords and protect your online accounts from hackers. However, security risks always exist. Here are the features that can help strengthen the security of your password manager:

Biometrics – Some password managers allow you to use biometrics, such as a fingerprint reader, instead of having to type in your Master Password. If you have an Android or iOS device, you can access your Dashlane account with Apple TouchID or Android’s Fingerprint Scanner.

Two-factor authentication – Two-factor authentication (2FA) involves adding an extra step to your login process. For example, you may be required to enter a code delivered to your phone via SMS in addition to your Master Password. 

Local data storage – If you’re worried about your data being “stored in the cloud,” you can choose to keep your encrypted data purely local – i.e. only on your device.

Customizable security settings – Dashlane has special settings that can help boost your security. For example, you can ask Dashlane to make you enter your Master Password again when accessing sensitive data, enable automatic log out, or require Dashlane to verify the identity of a legitimate web browser.

Hardware-based password protection – Another increasingly popular security measure is supporting hardware-enhanced security technology. For instance, Dashlane will support Intel®  Software Guard Extensions (SGX) a powerful new technology that takes password protection to the very core of PC devices–the silicon.


Password managers will help you improve the security of your accounts, keep your passwords organized and provide you with quick, convenient logins. As long as you choose the right application and use it appropriately, you’ll be far more secure using this tool.

Ready to give a password manager a try? Download Dashlane! Our award-winning app is free and available on PC, Mac, Android, and iOS devices. Visit https://www.dashlane.com for more information. 

 

Still have questions about password managers? These articles can help!
Skeptical about password managers? We answer all of your questions and concerns in this guide!
Afraid you’ll forget your Master Password? We show you 3 tricks that can help!
Here’s the complete guide to finding long-lost passwords hiding virtually anywhere
A 5-step Guide to Checking “Secure My Passwords” Off Your To-Do List
Here’s how to make online shopping a breeze with Dashlane’s Digital Wallet

 

 

  • Chris White

    “Cross platform – Your password manager work on multiple devices and operating systems.”

    It’s a shame you still haven’t taken this advice yourselves and made your product truly cross platform. Despite many vague replies previously hinting that a Linux client may be coming soon, it’s never actually materialised. I’ve asked a few times, most recently over a year ago and was teased with:

    “Actually 🙂 We’re starting to work on the availability issues that you mentioned. I can’t share details, but our jam-packed roadmap has some exciting things coming for non-Windows/Mac users. I hope you’ll stick around and see!”
    https://blog.dashlane.com/introducing-dashlane-4/

    Unfortunately nothing exciting has happened since, and there are no signs that it’s even in the pipeline. Is there any chance somebody can give a straight, honest answer?
    If you don’t care enough about Linux or don’t feel it’s worth while to develop for, that’s fine. Just be honest and say that. If you actually do want or plan to develop for Linux – then how about a proper update with some real details?
    What have you looked at? Has there been or is there any active development? What sort of issues have been preventing development?

    I’d really love to know your thoughts either way.

    Thanks
    Chris

    • Hey Chris,

      Thanks for following up, and any apologies for any misleading messaging.

      Linux support is something that we’ve been looking into for a while now. It’s not that we don’t “care enough about Linux or don’t feel it’s worth while to develop for” (in fact, a majority of our Engineering team uses Linux personally). However, to be perfectly honest, we are prioritizing making critical and necessary improvements to our current platforms that related to performance and stability before investing extensive resources to creating an app from scratch for a completely different platform.

      However, I should note, recently, we have demonstrated our desire to expand to new platforms. For instance, we now support new browsers like Brave, Opera (unofficially), and soon will support MS Edge and future versions of Chromebooks operating on ChromeOS and the Google Play Store.

      Also, in full transparency, we are working on a solution to give support to Linux users, but I don’t have a specific timeline or additional information I can share publicly at this time.

      I know this probably isn’t the answer you were looking for, and I understand how frustrating this is, but I can assure you, calls for Linux support are not ignored or forgotten.

      I appreciate your patience as we work on this!

      Kind regards,

      Malaika Nicholas