Dashlane's Free Automatic Password Changer

Category: Security

The “best practices” for password security are 1) make your passwords long and obscure; 2) never write them down where they can be stolen; and 3) change them every 30 days. Unfortunately, all of that is so difficult that it seldom gets done. The key to password security is to make is easy. Read on to learn how you can strengthen and change all your most important passwords in just a few seconds...

Password Changer is a Game Changer

Software such as RoboForm and LastPass simplify password management by storing many passwords in an encrypted “vault” and filling them in automatically when they are requested on websites. They all will generate long, complex passwords on demand. You just have to remember one master password to unlock the vault and set a reminder to change passwords monthly.

Password managers have evolved additional features such as auto-filling forms, backing up data and passwords to the cloud, syncing passwords across devices, adding support for two-factor authentication, importing bookmarks and competitors’ password file formats, and so on. Like other security software, password managers are locked in an ever-escalating features war.

Into this fray jumped Dashlane. It does all of the above, including two-factor authentication in version 2.0. If you enable two-factor authentication, Dashlane will text to your phone a code that you must enter manually before your master password will unlock Dashlane’s vault.
Dashlane Automatic Password Changer

It also does a great job of minimizing keystrokes, the second most important function of a password manager. For example, when you want to log in to Facebook you don’t have to choose a profile from a drop-down list, as you do in some other programs. Dashlane recognizes the Facebook log-in screen, fills in your username and password, and even “clicks” the log-in button for you. The log-in screen flashes by so fast you may miss it if you blink.

Dashlane version 2.0 introduces a “security dashboard” where you can review all of your passwords. It highlights weak and outdated passwords, nudging you to strengthen your defenses.

Automated Password Changing

But the more interesting news in the latest version is the Password Changer, which lets you update your passwords with a single click. You select the sites on which you want to change your passwords (about 75 popular sites, including Facebook, Twitter, Google, Amazon and Dropbox are supported). Dashlane will generate new passwords, then automatically login and change your passwords on the selected sites in just seconds.

This is pretty awesome in light of the fact that security breaches like HeartBleed and ShellShock are occurring at an alarming pace, and the best course of action when these things happen is to change all your passwords. Doing it manually is a huge nuisance. Clicking a button to make it happen is (almost) fun.

Lastpass, a Dashlane competitor, introduced a password changer feature just a day after Dashlane announced theirs. It supports the Chrome, Safari, and Firefox browsers, but not Internet Explorer. It also lacks the automation offered by the Dashlane password changer. You'll need to select a site, do the password change, select the next site, and so on. But still, it's a time saver over logging into each site and navigating to the password change page. I'll admit that not having this feature in Roboform has made me dread the task of updating some of my own passwords on a regular basis.

On the downside, cross-platform syncing with Dashlane now costs $39.99 a year. That means passwords and form data that are stored on your PC are not available on your phone unless you pay. Earlier free versions feature syncing; users are urged to donate voluntarily.

Dashlane also acts as a digital wallet, storing your credit card and even Paypal data securely and filling in their details wherever needed. If you have multiple versions of a profile (e. g., different shipping addresses you’ve used on Newegg.com), Dashlane stores them all and lets you pick one from a drop-down menu.

Dashlane cannot work in the iOS Safari browser thanks to Apple’s developer rules; neither can any other password manager. Dashlane gets around this with its own mini-browser, which you must open whenever you want to supply a password on an iPhone or iPad.

Aside from the premium syncing fee, Dashlane is a fine option for a password manager and digital wallet. I've been using the paid version of Roboform for years, so I'll be considering a change when my next renewal comes due.

Your thoughts on this topic are welcome. Post your comment or question below...

 
Ask Your Computer or Internet Question

  (Enter your question in the box above.)

It's Guaranteed to Make You Smarter...

AskBob Updates: Boost your Internet IQ & solve computer problems.
Get your FREE Subscription!


Email:

Check out other articles in this category:



Link to this article from your site or blog. Just copy and paste from this box:

This article was posted by on 22 Dec 2014


For Fun: Buy Bob a Snickers.

Prev Article:
6 Reasons to Trash Your Fax Machine

The Top Twenty
Next Article:
iDrive Universal Backup

Most recent comments on "Dashlane's Free Automatic Password Changer"

(See all 22 comments for this article.)

Posted by:

GuitarRebel
22 Dec 2014

Bob, I went to the link and saw Free vs. Premium at $39.95. Did I miss something?

EDITOR'S NOTE: Sorry, that was the old price. Updated now.


Posted by:

Gary
22 Dec 2014

I just checked Dashlane's site and it now costs $39.95 a year, but I think I will give it a try. This is a good article and I'm probably not the only one that needed reminding about password security.

EDITOR'S NOTE: Thanks, I've already updated the article. That $20 was the old price, which you correctly noted has gone up to $39.95


Posted by:

Steve
22 Dec 2014

I believe the important area to protect is my online banking and this is where my alphanumeric passwords are more complex. I have a different password for each requirement and, because of the method I use, have no difficulty in making changes. Consequently I'm averse to paying for the service and also detect a complexity which I don't want to mess with.


Posted by:

Daniel Wiener
22 Dec 2014

Dashlane sounds good, but I still have some concerns:

1. All of my keys are now under the control of the Dashlane program. If anything were to happen to it, my keys would be unavailable until the problem was fixed (if it could be fixed). I feel better knowing my actual keys (even if that means they can't be as long and random) than only knowing the key to a vault.

2. Everything is now dependent on my remembering (or recording) the key to the vault. That makes it a single-point failure.

3. What happens if I am incapacitated or die? I still need to make sure that trusted family members or friends can get access to my vault.

In fairness, the above objections are generalized ones for all password protection. I already use my own private vault (an encrypted file which stores my various passwords and other crucial financial data) which I can consult when my memory fails me. And family members know where and how to access it if necessary.

The problem with all locks is that you want them to be perfectly secure against intruders, but not so perfectly secure that you (or an heir) couldn't pick your own lock if you had to. That tension will always exist.

As far as the strength of a password is concerned, I'm attracted to the Haystack Theory (grc.com/haystack.htm) of using simple, easy to remember passwords with lots of padding.


Posted by:

Jimmy
22 Dec 2014

Sounds like a great tool. Would the free version give an indication of how good the paid version is? I'm temporarily unemployed.


Posted by:

Kirill
22 Dec 2014

Is there a program that would store your master password for that program and change it every 30 days according to the security advice automatically?

Also if that program is so safe and is virtually impossible to break, what happens if you just forget your current master password for all your stored and automatically generated passwords? I bet there is a reason for old proverb to not keeping all eggs in one basket. So do the math and predict your future with this program.


Posted by:

jeff44663
22 Dec 2014

I have been a faithful Dashlane user for quite some time now, and I have been amazed at its simplicity. The user interface is very intuitive, and I am convinced that it is every bit as safe to use and secure as it claims to be. I have not had any issues at all with any bugs or with anything that has adversely affected the computer.

I also have a Windows Phone, and from a Dashlane standpoint, that's one thing where one can say "there ISN'T an app for that." Therefore I opted not to pay for basically only a synch'ing feature. I am also impressed with the new password changer (actually just with its existence since I've yet to use it). I am anxious to put it through its paces and see it do what it's supposed to do, especially given that the Security Dashboard has been yelling at me daily (not really) for having weak and/or overused passwords.


Posted by:

Nigel
22 Dec 2014

Wish I could trust a password company to keep my information a secret. But I do not.

EDITOR'S NOTE: Good news! You don't have to trust them. You have the option to store all the data on your local computer, or in encrypted form on their server. In the latter case, only you would have the encryption key.


Posted by:

Chuck
22 Dec 2014

I don't always understand everything I know about computers. If I set up Dashlane and they have a power outage or terrorist attach, does this mean I wouldn't be able to open up any of my online accounts, unless I have a printed copy of all the passwords stashed somewhere?

EDITOR'S NOTE: No, you'd have a local (encrypted) copy of the passwords.


Posted by:

Tom
22 Dec 2014

I certainly think this is a very important security tool but the double the price to 40$ per year is too much. What does your volunteer donation refer to? Other good tools are available at no or at least a reasonable cost.
I enjoy your publications.


Posted by:

Susie
22 Dec 2014

Hi Bob. I just wanted to mention KeePass as well. It is a free password manager that I've been using since the Heartbleed epidemic and I'm very happy with it. It also recognizes the website and automatically logs in with one keystroke, which I really like.

It doesn't have the change password feature you've mentioned in this article. I'd like that feature, but the passwords I'm most worried about are for financial websites (banks, credit cards, etc.) and none of those are included on the list of 75 that Dashboard works with.

I don't use two factor authentication with it but apparently there is a plug-in you can get to provide that functionality.

I just found this article and am wondering about setting up the system suggested in it. https://joscor.com/2014/10/tutorial-using-keepass-two-factor-authentication/ Do you have any thoughts? (Feel free to not include this last paragraph when you post to your page.)


Posted by:

Darcetha
22 Dec 2014

Thanks Bob, for this valuable information. I'll check this site out. However, I do have a question. Do you know of any other free sites that do the same thing?


Posted by:

Ed OConnor
22 Dec 2014

I have also been using RoboForm for many years and like it very much; however, I have noticed lately more sites are not accepting sign-ins directly from RoboForm I am having to manually enter name and password on more and more sites.


Posted by:

Steve
23 Dec 2014

Dashlane sounds like a good program, but not at $40 a year when LastPass can be had for $12. I too have been using RoboForm for several years. I mostly use LP and probably will drop RF to keep my life simple. LP also has 2-Factor Authentication and can also be used with a Yubikey which is really nice.


Posted by:

Bob
23 Dec 2014

Didn't you once explain how you don't NEED to change passwords frequently? - if you have a good one to begin with...

EDITOR'S NOTE: ...and there's a breach that reveals your password to Evil Hackers... then YES, you need to change it.


Posted by:

Bob Krampetz
23 Dec 2014

Didn't you once explain how you don't NEED to change passwords frequently? - if you have a good one to begin with ..


Posted by:

roberto garcia
23 Dec 2014

i am thinking what happens if somebody steel may master password, change and let me out. that happen to me few days ago. a hacker change all my passwords and let me out. I try to contact google, but they don't have costumer service to help you. so i lost all my contacts, my email, everything. terrible.


Posted by:

Al
23 Dec 2014

What if one has several different email accounts with one company (eg. several gmail accounts). Does Dashlane differentiate between them? I've had problems with a different password generator on this topic.

EDITOR'S NOTE: I would certainly hope so -- they have unique usernames. If not, it would be a flaw in the software.


Posted by:

Nigel
23 Dec 2014

Wish I could trust a password company to keep my information a secret. But I do not.

EDITOR'S NOTE: Good news! You don't have to trust them. You have the option to store all the data on your local computer, or in encrypted form on their server. In the latter case, only you would have the encryption key.

RESPONSE: If the program can change passwords on 3rd party websites, it can "phone home" that same information. So I have to trust that it does not. Hence my original comment.


Posted by:

GeorgeY
25 Dec 2014

I've been using "password safe" for a while now and it's an amazing too. No back doors. And best of all it's free! Give it a try and let me know what you think.Here's the link http://passwordsafe.sourceforge.net/


There's more reader feedback... See all 22 comments for this article.

Post your Comments, Questions or Suggestions

*     *     (* = Required field)

    (Your email address will not be published)
(you may use HTML tags for style)

YES... spelling, punctuation, grammar and proper use of UPPER/lower case are important! And please limit your remarks to 3-4 paragraphs. If you want to see your comment posted, pay attention to these items.

All comments are previewed, and may be edited before posting.

NOTE: Please, post comments on this article ONLY.
If you want to ask a question click here.

Free Tech Support -- Ask Bob Rankin
RSS   Add to My Yahoo!   Feedburner Feed
Subscribe to AskBobRankin Updates: Free Newsletter
Copyright © 2005 - Bob Rankin - All Rights Reserved
Privacy Policy -- See my profile on Google.


Article information: AskBobRankin -- Dashlane's Free Automatic Password Changer (Posted: 22 Dec 2014)
Source: http://askbobrankin.com/dashlanes_free_automatic_password_changer.html
Copyright © 2005 - Bob Rankin - All Rights Reserved