At Dashlane, we talk a lot about the importance of using unique, complex passwords to protect your accounts. This is especially true when it comes to constructing your Master Password, which protects all the personal data and passwords that live inside your Dashlane account.
Since nothing is fully hack-proof, it begs the question:
What happens if Dashlane gets hacked?
We’ve written about this topic in the past, because it’s a question we get asked a lot. Here are five reasons your Dashlane data is safe, even if Dashlane gets hacked:
- Your Master Password is never sent or stored on our servers.
- Your Master Password is complex and unique, and since we never send or store it, it’s only known by you.
- We use the world’s strongest encryption to keep your other data obscured and secured.
- We store data securely with AWS (Amazon Web Services), which has the added benefit of Amazon’s 24-7-365 protection and detection services on top of our own.
- We continuously audit our security, both internally and externally, including utilizing paid professionals and white-hat hackers that constantly test our systems for vulnerabilities.
To put that into simpler terms, let’s imagine Dashlane as your local bank. Your local bank is outfitted with security cameras, bodyguards, locks, and an impressive alarm system—that’s the AES-256 encryption and the AWS servers, combined with the state-of-the-art alerts software we’ve invested in to help us detect breaches. On top of that, imagine that your local bank hired highly experienced bank robbers to try and break in and then provide feedback on where security is weakest—those are the paid professionals and white-hat hackers we use to stay ahead of the latest hacking schemes and improve defenses.
But no security is completely unbreakable. And that’s where your Master Password comes in. If Dashlane is your local bank, then your Dashlane account—protected by your Master Password—is a lock box located deep inside the bank. Even if a cybercriminal were able to hack into Dashlane’s systems and remain undetected by our breach-detection software long enough to find your account, they would be left with a locked box protected by a complex and unique password that is never sent or stored in Dashlane’s servers and is only stored in your head.
A complex, unique password takes more years to crack than there are atoms in the universe. If your Master Password is strong, you can rest easy knowing your data will remain protected even in the unlikely event that Dashlane gets hacked.
My Master Password is the key to my private data, so how do I keep it safe?
This is another question we get asked often—and for good reason.
There are two simple rules to keep your Master Password safe and ensure the privacy of your data:
- Never tell anyone your Master Password. This sounds obvious, but it’s really the only way that anyone has any chance of getting into your account. If you had a key that gave someone access to your house, your car, and your bank account, would you make copies and hand them out to everyone? If you’re worried someone might need access to your accounts in case of an emergency, use Dashlane’s Emergency feature (available in our desktop app) for peace of mind.
- Make sure your Master Password is complex and unique. You should never reuse your Master Password anywhere else for any reason. You shouldn’t even use a similar password anywhere else. We don’t recommend storing your Master Password digitally (i.e. your Notes app, Google Drive, or anywhere else connected to the internet). However, if you’re feeling anxious about remembering your Master Password, you can write it down somewhere inconspicuously for the first few days until you have it comfortably memorized. After that, the only place your Master Password should be stored is in your head.
Please note: If you forget your Master Password, we aren’t able to restore it for you because even we don’t know it. So, don’t forget it!
Adhering to these two rules is non-negotiable if you want to stay secure. And by the way, those are great rules to follow for all of your passwords. If your Master Password and all your account passwords are complex, unique, and only known by you, the chances of your private data being hacked are extremely slim. Those chances rise substantially if you choose to forego a password manager and rely instead on writing passwords on paper, using password tricks, reusing similar passwords across accounts, or using unsecure software (like your Notes App, a Google Doc, or an Excel file) to manage your passwords.
Essentially, a password manager’s job is to take your risk as close to zero as possible while still being easy to use every day, everywhere, across all your devices.
Try Dashlane now and see for yourself.