Dashlane – Security Essential for Password Management?

 

English: A Master padlock with "r00t"...

Image via Wikipedia

I have to admit, I’m not easily wowed. I just installed Dashlane (tagline: Sign In and Check Out in Seconds) and I got the “wow” response. I actually ran down and immediately downloaded for my wife as well. As I dive into the product and my infatuation has dimmed, but I remain hopeful this will bloom into a long-term relationship.

Dashlane is in private beta, so I hope that’s the reason behind my biggest gripe. If you like testing the waters of new products, you can register at Dashlane’s web site and get on their beta list. Or, go to Netted, you’ll find a link that will give immediate access to Dashlane. I don’t know if this an open offer, but as of today (Jan 11, 2012) it’s working great.

Dashlane vs. KeePass Comparison

Dashlane streamlines the security process for managing your passwords and logging in. That’s half the battle, right?

We all want the added security of better password management, but the logistics are what kill you. For me, the feature set of KeePass was robust and security measures excellent. As a result it won my loyalty over the past year. No longer trusting the passwords in my browser, I’ve slowly been rebuilding my password database. My wife, who I’ve been trying to get using the product has been slower to adopt. The burden of importing what’s already in her browser is too big a hurdle to overcome.

Dashlane makes this seamless – if you’re on Firefox or Chrome. Which both of us are. It’s an easy import. The Security Dashboard shows your vulnerabilities and since Dashlane automatically logs you in, it’s easy to hit the site and update to new passwords. As a bonus, you don’t have to jump back and forth between the site and the application like I have to in KeePass. In Dashlane, when you update your password on a site, you’re prompted right there with generating a new secure password and it then prompts for your immediate update to the Dashlane client.

I haven’t fully played with the multi-device interface with Dashlane but it appears to be built-in. My MBP, iPad and iPhone all get the benefits of the secure login features. I was able to achieve this with KeePass by installing various versions of the software on each device and synching the KeePass database through Dropbox. It was a hack that’s worked very well, but if this native system is even smoother – I’m really going to like this.

Dashlane Growth Points

The biggest shock I’ve had so far with Dashlane is the memory usage. It’s not as bad as I originally feared, but it will be an area for improvement. Memory allocated to the product after initial install was 3.3GB. If I hadn’t recently upgraded my 4GB to 8, it’d have crushed my machine. To be fair, I didn’t notice performance degradation, but I also didn’t wait too long to test that theory.

Instead, I rebooted and it dropped considerably. It still runs second to my Firefox with its 22 open tabs (yes, I’m one of those). As polished as the product is, I can’t imagine this will remain an issue for long. And I really hope its not. I have a low tolerance for memory hogs, I probably give all that runway to the browsers I abuse. I’d hate for this to be the nagging point that drives me away.

Importing from KeePass will be a bonus when the feature arrives. According to the Dashlane community support area on Get Satisfaction. I’m not sure I’ll completely abandon KeePass, but it will be immensely helpful to have this feature added.

I Know KeePass, and Dashlane, You’re No KeePass

Maybe the primary coverage is getting to me. This is more dramatic than need be. The one thing that jumps out at me is the security of the passwords. They’re much more secure than what I was using pre-KeePass and dead simple to use. But theyre are not up to the standards that KeePass has set.

I’m guessing this is a result of the simplicity they are striving for. I find myself having to dumb down my passwords on a regular basis. (Why do financial institutions offer the least secure options for passwords?) I let the default settings of KeePass be my guide and they do a great job of combining lots of characters, symbols, spaces – you name it and it’s there. Dashlane much less so. It’s an area I’d like to see improvement, but it’s probably not a deal breaker. Until the first hack.

Why You Need to Act on Password Management

It was a little over a year ago that the Gawker hack and this post “Jesus Christ, Use a Password Manager Already” got me looking into password managers.

The quick overview is that there are three basic categories:

  • Desktop – stores your passwords on your computers hard drive.
  • Portable – For your mobile device whether it’s your smart phone or thumb drive.
  • Web based – Online password manager.

Each method has its own strengths (platforms or uses where it excels) and weaknesses (where it’s vulnerable). Each also created additional overhead to access secure sites (cut and paste, authenticate manually).  That’s why Dashlane is so compelling. It removes the overhead and makes a more secure Internet well within grasp.

Lifehacker’s Five Best Password Managers from their Hive Five efforts was run in 2008. That’ll give you an indication of why the time is right for a product like Dashlane.

Happy browsing!

Enhanced by Zemanta

Tags: , , , , ,

3 Responses to “Dashlane – Security Essential for Password Management?”

  1. National BankCard Monitor Says:

    Nice! Just wanted to respond. I thoroughly loved your post. Keep up the great work.

  2. good side Says:

    Doh! I was domain name searching at namecheap.com and went to type in the domain name: http://webdatapower.com/2012/01/12/dashlane-security-essential-password-management/ and guess who already acquired it? You did! haha j/k. I was about to purchase this domain name but realized it was taken so I decided I’d come check it out. Good blog!

  3. Kevin Dwinnell Says:

    Thanks for the compliment on the post. And sorry about the domain. I got it about a month ago. Surprised it was available.