Dashlane is perceived as one of the greatest and brightest password managers. But let’s keep the taglines aside and check if it’s really worth the hype.
More internet simply translates to more signups, and we keep doing that until our brains fail to remember all those credentials.
This leaves us at crossroads: use a password manager or join the crowd using passwords like 1234 or qwerty.
Since you’re here, you must belong to the former category. But even someone belonging to the latter division should start using a password manager right away because cybercrimes are only uncommon until they happen to us.
So, why wait? Instead, try…
Started in 2012, Dashlane is a freemium password manager which also offers a 30-day no-credit card trial covering all its premium features except VPN. However, you can safely subscribe to its personal plan and cancel within 30-days to get a full refund.
The feature list is typical of a password manager. However, there are surprises as well:
- AES-256 bit encryption
- Unlimited passwords
- Dark web monitoring
- Personal alerts
- Notes, IDs, Cards
- Encrypted storage
- Two-factor authentication
- Password health check
- Password generator & Sharing
Without any further ado, let’s jump to the hands-on.
Note: I’m testing Dashlane on Microsoft Edge from a Windows 11 PC.
Dashlane: Getting Started
First things first, they have discontinued the desktop applications. So you have the web app and browser extensions at work. While this may be disappointing to some, personally, I hardly used desktop applications of password managers in the last few years.
So, I would advise keeping an open mind and trying this out because–*spoiler alert*–the initial impressions are great, and you wouldn’t want to miss this.
Visit the Dashlane pricing page, and select your preferred plan for trial or direct purchase.
You can jump in with an email id and a (strong) master password which Dashlanes won’t remember for you.
That’s it, and it’s great for user convenience.
But, there is no email verification (at least not every time), and you can practically use any email, register 2fa, and continue using it as an imposter.
Though chances are slim that one will use your email, given that these are available for free, it is still something absurd to have in a digital security product.
The browser extension gives you most of the day-to-day functionality while missing some of Dashlane’s web app features like VPN, personal info, and IDs.
It features the password vault, auto-fill, and generator. For everything else, you have its web app. Though, Dashlanes may make the extension more capable in the future:
The web application is fully functional, including the VPN, making it a one-stop solution for all the Dashlane things you might do.
The top left hamburger icon hides the side panel. Except for this, most goodies are lined up upfront without any hidden menus.
My account section (top right) opens up to the Settings and Subscription tabs.
The Settings section hosts crucial functions, including account details, 2FA, biometrics, import/export, changing the master password, etc.
Lastly, Subscription is about plan details, including cancellation and billing receipts.
Overall, the UI is minimal with nothing fancy (like dark mode) or problematic and will do the job just fine.
Mostly one-time events, import and export are important pillars of the user experience.
Dashlane Import, though worked fine for me in the test, is a little bit unusual from the password managers I have used to date, such as LastPass, 1Password, Bitwarden, etc.
First, there is no mention of officially supported password managers. All you can do is drag the exported CSV and hope to work it out fine.
Additionally, you can’t mass delete the imported data except by deleting the Dashlane account. While I never used Dashlane in the past, some users reported this feature was present with their (now discontinued) desktop application and may find its way into the web application or the extension in the future.
Ergo, currently, the best way is to download the template from Need help? (as indicated in the preceding image) and arrange the export accordingly before hitting Import.
There is not much to talk about the export. It gives you the vault contents in two formats: DASH file and CSV. The former is a Dashlane-compatible encrypted file, while the latter can be viewed with any spreadsheet application like MS Excel.
Autofill and Capture
Users have love and hate relationships with Dashlane autofill.
It features Dashlane automatically logging you in once the web page is loaded for single accounts. However, it may need your intervention, especially if the login is protected by additional challenges like the Google captcha.
What else? There is no way to turn this off in one go. So, you have to select each login while on the subject website, and select Don’t autofill on this website.
Alternatively, you can head over to the web application and do this similarly–one-at-a-time.
For multiple accounts, it works traditionally, mentioning all the available logins.
However, Dashlane trying to log me in with a different credential on Amazon was awkward at best:
So, these were a few things that mark Dashlane’s autofill as imperfect.
However, it would be unfair to skip the fact that it saved me a few clicks with the auto login working nicely on websites with single accounts, except for the captcha logins.
Finally, the capture was working great with the pop-up asking to save the credentials at registrations.
If a cybercriminal takes hold of my password manager, the least I’m afraid of is empty bank accounts, compromised digital identity, and a total mess of my personal and social life.
In other words, a disaster! Ergo, it’s vital to protect the password manager from possible intrusions.
This helps to login into Dashlane without the master password. You can find this in the web app under My account > Settings > Security Settings > Biometric unlock.
Similarly, you can add hardware authentication, such as Yubikey in the same section.
Two-factor authentication (2FA) provides additional security, which comes into action in case of compromised passwords. You can configure Dashlane 2FA with authenticator apps to prompt at every login or just for the new devices.
It also asks for the mobile number for recovery in case you lose access to the additional authentication medium (which is strange given that they already have your email 🤔).
Key Derivative Function
Note: This is something advanced that most users shouldn’t bother about and leave the defaults ‘as-is’.
Key Derivative Functions (KDF) are used to create secret keys used as input in the encryption algorithms, such as AES-256. Dashlane is equipped with three KDFs: Argon2d, PBKDF2 200,000 and PBKDF2 10,204 (for older versions of Dashlane).
Argon2d is Dashlane’s recommended solution and the winner of the Password Hashing Competition. The other option is PBKDF2 with 200,000 iterations. While the huge number of iterations makes it rather secure, it can slow things down on less-powered devices.
Finally, Argon2d is more efficient by design and a modern KDF you should prioritize over PBKDF2.
Dashlane also comes loaded with industry-standard tools like password health and dark web monitoring.
Password health sums up the overall security status of the vault, listing the compromised, weak, and reused passwords.
Similarly, Dark web monitoring lets you check a limited number of emails to monitor against leaks. This feature needs additional email verification for the monitoring to commence.
This deserves special mention since it’s unlikely for a password manager to feature a virtual private network with their ‘regular’ services.
And it was excellent seeing them partner with Hotspot Shield and not try developing anything of their own. Because VPNs are complicated products and even veteran VPN companies struggle against user expectations.
So, you’re not getting a beta VPN, lacking the vital features, as some of the (antivirus) brands have started shipping with. Instead, you’re only taking advantage of the Dashlane-Hotspot Shield partnership with no compromises.
Consequently, Dashlane’s VPN section is only about activating your account with Hotspot Shield. Afterward, you download the Hotspot Shield, activate it with the given credentials, and use it independently.
What’s the benefit of using a Hotspot Shield with Dashlane when you can do it otherwise?
This particular VPN’s paid plans start with $7.99 a month for annual payments and $12.99 if paid monthly. It’s a steal at $3.33 a month (yearly payment), comprising a top-notch password manager and a VPN.
However, you can also use Hotspot Shields’s free plan in advance to see if it fits your bill.
Dashlane also offers encrypted storage up to 1GB with individual file sizes capped at 50MB currently. This is integrated into the Secure Notes section in the side panel.
Similarly, the Sharing center helps you send passwords, 2FA tokens, and Secure Notes (without attachments) to other Dashlane users you trust.
Finally, there are personalized alerts that inform you if a particular credential gets exposed.
Dashlane’s desktop experience was good except for some minor hiccups. However, we spend significant portions of our daily screen time on smartphones and having a user-friendly password manager on mobile matters a ton.
Dashlane’s android app is loaded with features similar to its desktop counterpart, and you hardly feel the difference.
And that’s good. I felt right at home with everything working fine.
Still, there are a few differences worth pointing out.
First, you have a native Dashlane authenticator with the Android application, which tells the sites supporting 2FA.
Next, you miss the auto login, adding another click for each site you are registered with. Besides, you can set a pin to unlock Dashlane in place of the master password or biometrics.
Moreover, the Dashlane android app lets you reset the master password with the biometrics if there isn’t any active pin lock.
You can also enable/disable taking screenshots inside the Dashlane application and set it to clear the clipboard every 30 seconds.
On the VPN front, it’s the same as with the desktop–separate Hotspot Shield application. Similarly, you’ll find the Secure notes and sharing, Password Health, Dark Web Monitoring, etc., working exactly like on the bigger screen.
Overall, the experience is seamless. Here are some screengrabs to give you a glimpse.
There are many password managers in the market, and it’s vital to choose the right one. While Dashlane has its pros, it’s equally good to have some alternatives.
1Password is a robust alternative to Dashlane, offering a 14-day free trial. Secure by design, 1Password has a large user base praising it for its excellent customer support.
You get mostly all the goodies offered at Dashlane barring some, like a VPN. Conclusively, it also costs a fraction less.
Notably, 1Password is a premium product with no free subscription.
LastPass is another mainstream password manager with a free forever plan. What makes its free tier excellent is you can store unlimited passwords, unlike the 50 password limit imposed on Dashlane free plan.
This also offers a 30-day premium trial.
Bitwarden is my first password manager and is my daily driver to date. This is open-source, and I can’t say enough good things about this.
Its free tier is excellent and feature-rich to the point you may start wondering why people pay for password managers in the first place.
However, Bitwarden also has paid plans with advanced features like its own authenticator, emergency access, security reports, etc.
Without any second thoughts, I would subscribe to Dashlane if I’m out searching for paid password managers. Besides, the VPN integration makes the deal sweeter beyond expectation.
That said, the live chat support wasn’t available in the help section. Moreover, some features like one-click password change felt like a marketing gimmick at best, not doing as advertised even once.
Besides, it will be ultra awesome if Dashlane can give more options on the VPN front, like ProtonVPN or Surfshark.
PS: Though Dashlane is good and has a 30-day premium trial, you can also check out this list of personal password managers to see a few more options.
More great readings on Security
5 Best Dark Web Monitoring Tools to Secure Valuable Personal DataHitesh Sant on November 30, 2022
How to Password-Protect a PDF Quick and EasyBipasha Nath on November 29, 2022
17 Keytool Command Examples to Know as Sysadmin and DeveloperAnkush Das on November 17, 2022
Get All-in-One Cyber Protect Cloud Benefits with AcronisTom Nyarunda on November 23, 2022
What is Cyber Espionage and How to Prevent itTamal Das on November 14, 2022
Understanding Bring Your Own Encryption and Keys (BYOE)Lakshman Sharma on November 10, 2022