Earlier this year, we examined the password policies of the top 100 e-commerce sites in the US and France, and found that most e-commerce sites have security policies that are a bit outdated for the age of account cracking and data breaches that the rest of us are living in.

Today we’re releasing the UK edition of our Personal Data Security Roundup that examined 26 different password security criteria. Below are some of our key findings:

  • 66% accept notoriously weak passwords such as “123456” or “password”, putting users in danger as these are often the first passwords hackers use when trying to breach accounts.
  • 66% make no attempt to block entry after 10 incorrect password entries (including Amazon UK, Next, Tesco and New Look). This simple policy prevents hackers from using malicious software that can run thousands of passwords during log-ins to breach accounts.
  • 60% do not provide any advice on how to create a strong password during signup, and only 14% display a password meter to help their users gauge the strength of their chosen password.
  • 25% send passwords in plain text via email, including The Body Shop, Clarks and Superdrug, which gives any hacker that has access to your email account access to your other accounts.

Each criteria examined was given a +/- point value enabling each website to achieve a total score between 100 and -100. In comparing total scores, we can see that Apple again takes the #1 spot for data protection, with Travelodge UK coming in at a close second. Urban Outfitters received the lowest score, followed by 11 other companies who share the second lowest.

 

By comparing the UK to the research performed in France and in the US few weeks ago, we can see that the UK compared somewhat favorably to the US where e-commerce sites generally deploy more rigorous online security processes:

UK-US-France Comparison2

 

UK-US-France Comparison

The complete study is available here. You’ll also find the complete list of site rankings and the methodology here.

It’s clear that it’s time for companies to implement better password security, which can be done cheaply and quickly using open-source technology. On the flip side, consumers can protect themselves by creating strong passwords that are long (more than 8 characters), complex (include a letter, number, a mix of upper and lower case letters, and/or symbols).

The easiest way to create and remember strong passwords is with a password manager, like Dashlane, which generates unique passwords for you, saves them to your account, and autofills them online. Your data is protected with world-class security and encryption, and is only accessible to you. Learn more, and get it free at here.

View all posts by Ashley Thurston Posted in Ecommerce, Security | 3 Comments

In today’s release, our Android app got some awesome, new features that bring autofill and auto-logins everywhere on Android phones and tablets.

We’ve added a brand new standalone, multi-tabbed browser, which you can now make your default for universal auto-logins and autofill!

google_login_EN

When you set the Dashlane Browser as your default, you’ll have not one but two icons on your device. It makes it a lot easier to get autofill and auto-login with less switching between apps. (What can we say? We’re big fans of efficiency.)

Plus, we’ve enhanced our Android Keyboard, so you can auto-login to your apps, too! It’s super easy to set up. Follow the instructions in the app, and watch this video to learn how it works: http://vimeo.com/81101124

android_keyboard_autologin

We’ve also added a new in-app password generator helps you customize and create complex passwords for your apps. (This is in addition to the password generator in the browser.) Make long and complex passwords, and save them directly to Dashlane in a tap!

password generator

Last but not least, you’ll notice our elegant new design and new home screen make Dashlane even more user-friendly on phones and tablets!

android home screen

Don’t miss out on today’s free update. And if you want to help others discover the good stuff, leave your review on the Google Play Store!

get the free upgrade

Dashlane is the best password manager & digital wallet for Mac, Windows, iPhone, iPad, and Android. Get encrypted storage for your passwords and personal info. Autofill forms online and log in to your accounts automatically. Never lose a password or fumble with tiny keyboards again! Get it free today!

View all posts by Ashley Thurston Posted in Convenience, Efficiency, Mobile, Updates, We Love Our Users | 23 Comments

Untitled2Denver and Seattle.

Two cities that on the surface share more similarities than differences. They have similar populations and demographics, they both recently legalized a certain green plant, and their two NFL teams are meeting this week in a little game called the Super Bowl.

As much as we love hearing about Manning and Sherman, we here at Dashlane wanted to prod deeper to get a better sense for how these two cities compare when it comes to password security. As such, a week after presenting our first ever Personal Data Security Roundup, we are pleased to present Dashlane Password Super Bowl I!

So what determines the victor of this gladiatorial behemoth of all events?

It’s easy, we’re going to examine two categories that go a long way in determining password security: average password strength and number of passwords re-used.

Password strength is how complex a password is. For example, a password such as “*h4F7An1$” is harder for hacker to crack than is “123456″ or “aaaaaa”. Password re-usage is defined as what percent of your passwords are re-used for multiple accounts. So, if you use “football” as your password for both your email and Facebook accounts, this would count as a reuse.

The criteria for winning Super Bowl Password I is easy. For each category we’ll subtract the difference in scores between the two cites and whichever city has the highest point total wins. But before we let the games begin, let’s take a overview at the differences in the number of passwords the average person in each city has.

Total Passwords PNG

As you can see, both Seattle and Denver are above the national average in regards to the average number of passwords each person has. Seattle’s figure is especially high as the average person has roughly 8 more passwords than the average American.

Let’s look at the first category of the Password Super Bowl: % of Re-Used Passwords.

UntitledIn the first round Denver barely comes out on top by a mere 1.2%. Remember, the lower the number, the better – as the fewer passwords you re-use, the safer you are. Although they always say there’s no such thing as a moral victory in sports, Seattle fans can take solace knowing they, too, were below the national average.

Now, lets look at our second and final category: Average Password Strength.

Average Password Strength PNG

And Denver has squeaked by again by only .7%. Both cities come in around the national average of 53.1, but Denver has ever so slightly more secure passwords on average than Seattle. With its second consecutive win we can officially proclaim the city of the Broncos Dashlane’s 2014 Password Super Bowl Champs!

So congrats to the City of Denver and a hat tip to Seattle for making it close.

As for the actual game… We love us some Manning as much as the next guy, but given the combination of Seattle’s great defense, and the likelihood that Polar Vortex #326 of 2014 will slam us here in New York on Sunday, we’re going with the Seahawks 24-21 over the Broncos.

 

* The study is based on anonymous aggregated data from random accounts of Dashlane users. The user data was completely anonymous and no Dashlane employee was able to view any individual account details. For more information on Dashlane’s privacy policy please click HERE.

View all posts by ryan Posted in Features, Fun, Security, We Love Our Users | Comments Off

Have you tried our new iOS app? You should…it’s the top rated password manager on iTunes!

We’ve completely redesigned our app to make it compatible with iOS 7 and extra user-friendly for you…something we rather value at Dashlane. Here’s a sneak peek at our new look!

amazon detail view

For starters, we have a new home screen to make it easier for you to access our in-app browser, which gives you all the autologin and autofill power of Dashlane, so you can forget about fumbling with tiny keyboards!

D

Plus, we’ve added a strong password generator, so you can create and even customize strong passwords for your apps, too! (This is in addition to the password generator that’s available inside our browser, which auto-saves passwords to your Dashlane account.) Get quick access to it from your home screen, as shown here:

new password generator ios

 Customize the length and strength of your passwords – make them longer, add special characters, or even make them pronounceable.

strong password generator 1 iosWe’ve also enhanced our usability, so you can get to the info that you want in record time. Our new search bar reduces the steps it takes you to find your logins and passwords. Simply start your search. Tap to copy your passwords.

search bar ios 2 more info

Or, as shown above, you can select “More” to copy your password & open a website or app. And if you feel like sharing, you can send your password to someone you trust via self-destructing, encrypted messages.

Also, when you’re in the ‘Passwords’ view, you can swipe left to access more info on a credential:

swipe left ios 2

If you’re already a Dashlane user, you’ll notice this new update is as easy on the eyes as it is to use! If you haven’t already, but sure to give it your rating after you’ve taken it for a spin. That way, everyone is in the know about the good stuff ;)

We hope you enjoy our new update – there’s more where that came from! Feel free to leave your questions or comments below.

get the free upgrade

Dashlane is the best password manager & digital wallet for Mac, Windows, iPhone, iPad, and Android. Get encrypted storage for your passwords and personal info. Autofill forms online and log in to your accounts automatically. Never lose a password or fumble with tiny keyboards again! Get it free today!

View all posts by Ashley Thurston Posted in Convenience, Efficiency, Features, Mobile, Support, Updates, We Love Our Users | 17 Comments

Dashlane’s first quarterly Personal Data Security Roundup was released today! The roundup takes a look at password policies of the top 100 e-commerce sites, and the results are staggering.

Most e-commerce sites, which often store their users’ personal info, including credit cards, have password policies that seem to be from a more naive era… perhaps one not riddled with account crackings and data breaches. Here’s an infographic of what the results of our study show:

Click on the infographic for full size version.

INFOGRAPHIC - THE ILLUSION OF PERSONAL DATA SECURITY IN ECOMMERCE

Key findings:

  • 55% still accept notoriously weak passwords such as “123456” or “password”
  • 51% make no attempt to block entry after 10 incorrect password entries (including Amazon, Dell, Best Buy, Macy’s and Williams-Sonoma)
  • 64% have highly questionable password practices (receiving a negative total score in the roundup)
  • 61% do not provide any advice on how to create a strong password during signup, and  93% do not provide an on-screen password strength assessment
  • Only 10% scored above the threshold for good password policies (i.e. 45 points or more in the roundup)
  • 8 sites, including Toys “R” Us, J.Crew and 1-800-Flowers.com, send passwords in plain text via email

Your password is barricade between you (and anyone else) and your account. They should be long (more than 8 characters) and complex (include a letter, number, a mix of upper and lower case letters, and/or symbols).

The easiest way to create and remember strong passwords is with a password manager, like Dashlane, which generates unique passwords for you, saves them to your account, and autofills them online. Your data is protected with world-class security and encryption, and is only accessible to you. Learn more and get it free at here.

The full study and methodology behind this roundup can be found here. The press release is also available here. For questions, contact ryan(at)dashlane.com.

View all posts by Ashley Thurston Posted in Ecommerce, Infographics, Press, Security, Shopping | 3 Comments