It used to be a rare thing to hear of a major online website being hacked. But in 2013, its become a near-weekly event. Here are a few sites that have been hacked recently: Evernote, LinkedIn, Twitter, Facebook, and Apple. For every prominent website, there have surely been hundreds of smaller sites suffering a similar fate (or, worse, being hacked without realizing it!).
Some of the elite military cyberwarfare units from China, Russia, and the U.S. have been making headlines for gaining access to increasingly sensitive electronic systems. How do they do it? Often, by hacking less-secure public websites first for user names and passwords that can then often be used to unlock the more-secure sites.
See? You’re not the only one who reuses your passwords on more than one website application—people who work in our defense, finance, utility, healthcare, and government agencies (sadly) do too!
So, it seems that increased vigilance in managing our personal passwords is becoming not only an urgent need for our own identity protection, but in some cases, a matter of national security as well.
The good news is, there are free, easy, and excellent solutions to help you do just that! One I’ve been using recently that’s been getting great reviews is called Dashlane.
Here’s how Dashlane helped me when the recent Evernote hack was uncovered last week. I had just started using Dashlane the week previously and had only done a simple import of all my existing online logins and passwords into Dashlane thus far.
Before getting an email from Evernote, it was actually Dashlane that first alerted to me to the security breach. Dashlane then navigated me to their excellent “Security Dashboard” screen, who’s “Compromised” tab quickly showed me all the other websites where I was currently using that same Evernote password (yep, as you can see, I had been using it on 11 other websites!)
From that screen, I could easily click to each site to change my passwords, and when doing so, Dashlane provided a “Generate Strong Password” option to ensure my new password would be unique and much more difficult for hackers to crack than the single memorized one I’d been using previously.
Once that urgent job was done, I spent the next few evenings using the Dashlane Security Dashboard to review and update all the rest of my unsafe/reused passwords. The dashboard is quite intuitive and easy to follow—here’s a snipet of some of it’s key fields:
Once you have your passwords all nicely unique and robust, you certainly don’t want to have to manually enter them. No problem! Dashlane will now automatically log you into each site (or you can tell Dashlane to just prompt you when you click a site’s user name or password field).
Dashlane also has a “Notes” feature to store non-website info, such as your insurance, banking, and credit card information, corporate application logins, WiFi passwords, and other key bits of information you need to store securely. These notes can be categorized and color-coded for easy lookup later.
Additionally, Dashlane makes web form-filling and online shopping a fast and easy experience. Sure, your web browser can store this kind of data as well, but it’s not always as safe (especially if your PC hard drive is unencrypted or you don’t lock it with an OS-level password).
Web browsers often have a difficult time distinguishing between a “Street Address” and an “Address” field making you type the same information in each of these variously named fields. Dashlane is much smarter— your single contact info data can auto-fill virtually any web page.
When making online shopping purchases, Dashlane lets you populate credit card fields automatically (if you’ve stored one in the application), and optionally creates a line-item receipt and screenshot of your purchase so you can easily search and recall it later within Dashlane. Pretty cool!
Finally, it has a nice-looking “freemium” mobile app for iOS, Android, etc to go with the Mac or Windows desktop apps and various web browser plug-ins.
Dashlane offers good import capabilities to bring your data in from other password management applications (such as 1Password, KeePass, and LastPass) and/or your web browser’s stored password vault. It also exports data to either an encrypted Dashlane archive file or to an Excel or CSV text file (making it easy to keep a backup copy of your data or migrate to another app in the future).
Some folks are justifiably queasy with the notion of storing all your most-sensitive data in one application or syncing that data via the online “cloud”. Dashlane’s website provides a wealth of information detailing exactly how they protect your data. The key points:
- They never store your “master password” (used to unlock your encrypted data file) on their servers nor do their employees have any way to retrieve it from your device.
- A two-factor authentication key is used (the master password you create plus a device-specific code). So, even if a hacker were to get your encrypted data file, they’d also need to get your local device and local master password in order to access it.
- Your shopping history is never stored/saved where Dashlane can use it
- You can optionally turn off cloud-syncing and simply use the app’s manual import/export features if desired to share “local-only” data between multiple devices.
Dashlane’s main competitors to offer a similar mix of features are LastPass and 1Password. 1Password has a more-traditional “pay upfront” model that can run upwards of $70-90 to buy the app for each of your desktop and mobile devices. LastPass offers a free desktop web app, but then charges $12/year for their mobile app. Dashlane takes a “freemium” approach too, but also provides users a way to get those premium mobile features for free.
Their reward points system encourages users to use all features of the application more robustly (for instance, the more unsafe passwords you fix or more logins you save, the more points you earn). It’s also an ingenious way to grow the relatively young Dashlane community quickly by encouraging friends to recommend the app to other friends.
Speaking of which—here’s a way you can help me! If one of you signs up via this link below, I’ll get enough points for a free year of mobile app premium features, and you’ll get 10,000 points deposited to your Dashlane account (to get you some free premium features as well).
https://www.dashlane.com/en/cs/3b9d7a9d
If you find Dashlane as useful and cool a tool as I have, when you refer your friends to use it, you’ll get the same great deal for yourself and your friends!
So give it a try, and let me know how you like Dashlane!
