In October 2012, Dashlane partnered with Pwnedlist, the largest database of published online credentials, to enhance our Security Alerts feature. We’ve gotten some questions about how our Security Alerts work, so we think it’s worth clarifying our process.

When we launch a Security Alert, as we did yesterday for Netflix, it’s because login credentials were found online by Pwnedlist. In this case, they were in plain text (cringe). Pwnedlist reported on 3/16/2013, “A hacker known as Fugazi has published a list of account credentials that they claim belong to users of netflix.com. The data includes a list of passwords and emails. The passwords are in plaintext format.”

Our general rule is to push alerts for leaks that PwnedList (a very reputable source) considers verified. Since Dashlane makes it incredibly easy to change your passwords and even securely share that information – and Netflix accounts are often shared - we pushed an alert. The effort spent changing a password outweighs the damage cause by a leaked, or worse, a reused password. It’s what makes Dashlane a hackers worst nightmare.

Regarding Netflix, this leak was one among a couple that we received. We continue to strongly suggest that you update your Netflix password and any other accounts where it may have been used. Hackers love reused passwords. (They bank on them). And when it comes to your online security, safe is always better than sorry.

Depending on what news outlets you follow, you may have heard that October is National Cyber Security Awareness Month (#NCSAM). The month is dedicated to getting everyone to do their part in securing their online lives, as well as encouraging others to do the same.

What you may not have been aware of is that October has been NCSAM since 2004. If you can remember the ways in which technology and the web has changed over the last eight years, then you also understand that the National Cyber Security Alliance (NCSA) has their growing pile of work cut out for them.

Facebook In 2004

There were no iPhones in 2004. There was barely a Facebook. Gmail was still in beta.

Those three categories — smartphones, Facebook, Google — alone hold tons, if not most, of our of personal data today and make sharing our data easier than ever. It also makes being safe online that much harder. You may recall the Harris poll we commissioned earlier this summer, which showed that 3 in 5 American adults online think they’re at risk of being hacked.

We are, however, making progress and awareness is growing. Maybe it’s because many major consumer websites were breached this past year and that news was picked up by mainstream media. Maybe it’s because of Internet power users like Amber Yust, who discovered Pandora was storing passwords in plain-text on the client-side. (Her post on Google+ started a wave of media coverage that eventually got Pandora to tighten up their security.) Or, it could be because of many sites like plaintextoffenders.com or pleaserobme.com, call out bad security behaviors of companies and consumers alike, in hopes of changing risky behaviors online.

Awareness is, fortunately, growing. The question is, will Internet users be able to keep up with the rate that technology is changing? There are some positive signs: A poll conducted by Pew Research between March and April of this year showed that 57% of smartphone users either uninstalled or didn’t download an app due to concerns of privacy and security.

Tell us what you think. Are cyber security awareness efforts working? Will Internet users keep up with the new security issues that changing technology brings?

It’s easy to feel like it’s a scary world wide web out there. Our Harris Interactive poll on digital privacy and security earlier this summer found that the majority of online adults are not comfortable storing personal data online: 88 percent are at least somewhat concerned that their personal online data is being used without their knowledge, with 59 percent being extremely concerned by this.

Luckily, there are certain steps you can take to take control of your digital footprint. Here are four things you can do right now to regain web privacy. They’ll take you five minutes, max:

1. Get rid of Facebook and Twitter apps that have permission to access your data which you haven’t used in the past 3 to 6 months. 

For Facebook: Click Drop Down Menu > Privacy Settings > Ads, Apps and Websites, Edit Settings > Apps You Use > Edit Settings

These are the apps that you use. Click “Edit Settings” to see your full list.

(Did anyone else notice that it’s harder to find your Facebook privacy settings than it used to be?)

For Twitter: Drop Down Menu > Settings > Apps > Revoke Access

2. Use Virtual Private Networks (VPNs) to get secure access to the Interent.

VPNs like Spotflux and AnchorFree allow you to browse the Internet anonymously, detect and block malware, but still use the web the way you’d like to.

In short, they help you regain web privacy by keeping certain information about you concealed from companies who want to sell it.

We’re proud to announce that Dashlane won two awards from DataWeek, the premier conference and festival showcasing the innovations behind the “Data Revolution.”

Dashlane was the only company to win more than one award! Indeed, we won both DataWeek awards we were up for: Top Innovator in Data Privacy & Law and Top Innovator in Personal Data.

We have worked really hard to build and deliver a product that users can completely trust to privately and securely store all their personal data. Indeed, the personal data you store on Dashlane is accessible to you and only you — and is impossible to break into, even by the most diligent hackers.

We count privacy and security experts and die-hards among our users. Their trust in Dashlane alone is proof-positive, to our team, that we are doing things right. They keep us focused on building the most private and secure password and personal data manager out there.

Thanks so much to DataWeek and the voting public for our awards! And, of course, thank you to our users for getting us here.

(The DataWeek 2012 conference will take place Sept. 24-27 in San Francisco.)

Recently, we shared some very interesting insights from a poll that we commissioned with Harris Interactive. We found that there are a lot of discrepancies between the way people feel about their online security — or rather, insecurity — and the steps that they take to protect themselves online, as you can see in this infographic:

Click on the infographic for the full size:

What’s interesting to me is that there are actual solutions  (like, ahem, Dashlane) to the challenges that people face with online security. But according to this poll, there are still significant numbers of people who are unaware of them.

I asked the question, “Why do you think so many people are careless about their online security?” on Quora. Here are some of the responses I received:

• Why should people waste their effort thinking up a password when they already have too many (maybe five)? *sigh* Effort
• Simply because they are unfamiliar with threats.
• I’m careless because I have little of value, and the information that I care about only needs to be concealed from a small group of people who are  unlikely to constitute a legitimate security threat.
• Ignorance, convenience, and misplaced trust are the usual reasons.  Even savvy online people will make a mistake or get lazy.
• We (software engineers) haven’t made it easy enough.

So, what do you think? Why are people careless about online security? What motivates you/unmotivates you to protect yourself online? We’d love to hear your thoughts!

Also, could you help one of those 45% of confused Americans, and share Dashlane with them please? ;)