Tag Archives: Security

NEW YORK – Last April researchers discovered the Heartbleed security bug. Dubbed “the most dangerous security flaw on the web”; it affected over 500,000 websites and dominated national news for weeks.

One year later, a new Dashlane study finds that an alarming 86% of Americans have not heard of Heartbleed.

Concerned by the growing frequency of hacks, breaches and other online security vulnerabilities, Dashlane commissioned the study (conducted on their behalf by Harris Poll in March 2015 among over 2,000 US adults ages 18+) to gauge public awareness and knowledge about online privacy, security and protection. Other notable findings include:

  • 65% – Believe the Obama administration has done LESS than corporations to protect them from hackers, breaches, and online security threats in the year following the Heartbleed bug.
  • 43% – Would rather have explicit photos/videos of themselves leaked than have hackers steal $1,000 from their bank account.
  • 32% – Chose themselves (more than anyone else) when asked which organization or person(s) they expected to do the best job protecting their interests from hackers, breaches and online security threats.
  • 1% – Chose their private email as the personal information they are most concerned with online hackers stealing, despite email being an easy front door to valuable and exploitable personal information.

Emmanuel Schalit, Dashlane CEO, states:

That almost 9 out of 10 people have never heard of the most dangerous security flaw of the past year is mind-blowing. Much work remains in educating the public about the dangers that exist online. Attacks such as Heartbleed are becoming more commonplace, and larger in scale, and it’s critical that everyone is aware and educated about the threats as they affect all of us.

Expert Video:  http://youtu.be/MEaX2tjUxQE

Full report + methodology and infographic: Dashlane.com/heartbleed

Experts Weigh In

As part of its Heartbleed Study, Dashlane assembled a team of experts from the realms of business, advocacy and academia to provide the public with an assessment of the fallout from Heartbleed, as well as analyze the online security and privacy challenges that lie ahead. Their responses were compiled into a video that can be accessed via the link above. The team included:

 

  • Nuala O’Connor – CEO & President, Center for Democracy & Technology
  • Catherine Lotrionte – Director, Georgetown University Cyber Project
  • Todd Simpson – CSO, AVG Technologies
  • Sunday Yokubaitis – President, Golden Frog

Mr. Simpson explained, ”Very few people registered Heartbleed as affecting their daily Internet lives”, a statement echoed by Professor Lotrionte who said, “The average citizen is not especially worried unless there is a tangible threat they can understand.”

Sunday Yokubaitis compared some Americans to teenagers when it comes to online security and privacy as, “They want to get on the motorcycle, go fast and completely ignore security for the sake of convenience and speed.” Nuala O’Connor, a recent participant in President Obama’s Cybersecurity Summit, stated, ”We’ve just seen the tip of the iceberg in terms of securing our digital lives, reputation and security.”

“Everyone in the digital world needs to know that they are their own first line of defense when it comes to online security”

The experts were in agreement that the biggest online security challenge is public education. All believed that a massive public education program, rivaling or exceeding that of the anti-smoking campaigns, is needed to generate the scale of awareness necessary to change behaviors.

An example of this is the public’s lack of understanding the risks associated with their email. Nearly 3 out 4 (72%) Americans in the Dashlane study said they were more afraid of hackers getting access to their Social Security Number or bank account than private email (1%). This sentiment was reflected in Dashlane’s own internal data as users changed 63 times more passwords on banking and finance websites in the month following Heartbleed than they did for email.

In fact, of the 14 websites that experienced the highest percentage of changed passwords following Heartbleed, 11 were related to banking, finance and payments. Yet, most people fail to realize that email is even more critical as it’s a gateway hackers use to steal exploitable information; a situation that was played out during the Sony hack.

The study also asked consumers who they expect to best protect them from online threats, and nearly 1/3 (32%) of Americans chose themselves. Schalit believes this self-reliance shows that some consumers have the right intuition, but believes this figure should be even higher.

“Everyone in the digital world needs to know that they are their own first line of defense when it comes to online security. There is, without a doubt, a role for governments and technology companies to play in making the online world safer for everyone, but the benefits these organizations can provide are marginal if the average citizen is not educated about the threats that exist and the actions they should take.”

Methodology

This survey was conducted online within the United States by Harris Poll on behalf of Dashlane from March 10-12, 2015 among 2,014 adults ages 18 and older. This online survey is not based on a probability sample and therefore no estimate of theoretical sampling error can be calculated. For complete survey methodology, including weighting variables, please contact Ryan Merchant (Ryan@Dashlane.com).

About Dashlane

Dashlane makes identity and payments simple with its password manager and secure digital wallet app. Dashlane allows its users to securely manage passwords, credit cards, IDs, and other important information via advanced encryption and local storage. Dashlane has helped over 3 million users manage and secure their digital identity, and has enabled over $2.6 billion in e-commerce transactions. The app is available on PC, Mac, Android and iOS, and has won critical acclaim by top publications including The Wall Street Journal, The New York Timesand USA Today. Dashlane is free to use on one device and Dashlane Premium costs $39.99/year to sync between an unlimited number of devices. Dashlane was founded by Bernard Liautaud and co-founders Alexis Fogel, Guillaume Maron and Jean Guillou. The company has offices in New York City and Paris, and has received $30 million in funding from Rho Ventures, FirstMark Capital and Bessemer Venture Partners. Learn more at Dashlane.com.

View all posts by ryan Posted in Heartbleed, Infographics, Privacy, Security | 1 Comment

With Valentine’s Day just round the corner, love appears to be in the air. Well…if it’s not love, then perhaps it’s the sense of online panic as millions of our beloveds frantically trawl the web in search of that perfect present.

This Saturday, many couples will be eager to pile on the romance and show their commitment to a significant other, whether it’s a surprise flower order delivered to the office or those imported chocolates they like so much.

Whatever you choose to do, much of this romance will be ordered online. This may be the most efficient route, however with it still comes the ever so common log in and new password request.

So, what sort of password do you choose when you’re all loved up and logging in for that annual order of 12 long-stemmed roses? A shiny new password to keep you super secure, or will it be that pet name that gives you butterflies about your Valentine?

Don’t be love-blind to password frailties this Valentines

To protect every Romeo and Juliet out there, our number crunchers at Dashlane have analysed aggregated and anonymized data looking at the websites most commonly used to purchase Valentine’s gifts. Our findings show that users were even less likely to use a secure password on these websites than others.

Furthermore, our research found that travel websites like Airbnb and Travel Supermarket, are where users’ passwords are at their weakest. Strange considering the investment going into such a gift.

Perhaps it’s the fact that their minds are clouded with love, or that they’re in manic rush to arrange the gift that will score all the brownie points they deserve for their generosity and thoughtfulness.

What’s important is to take a step back and think about the potential repercussions that could create an unwanted distraction on this coveted day. Even if a website does not require a complex password, it’s still important to include something that is complex and reasonably long.

Take a look below at the full list of UK websites analysed, and see if any of your go-to shops have made the list. And perhaps give the password you’ve used some thought?

Oh, and if this post has left you in the mood for more romance advice from us at Dashlane, stay tuned. We’ll have more romantic words of wisdom later this week.

Tainted Password Love – The Least Secure Valentines Websites:

  1. Travel Supermarket (-38% below average)
  2. Lastminute.com (-26%)
  3. Airbnb (-22%)
  4. gifts.com (-19%)
  5. Skiddle.com (-12%)
  6. Expedia.com (-9%)
  7. Notonthehighstreet (-7%)
  8. Opentable (-6%)
  9. Booking.com (-6%)
  10. Funky Pigeon.com (-3%)
  11. Marks & Spencer’s (-3%)
  12. Interflora (-2%)
  13. Hotel Chocolat (+1% above average)
  14. Trivago (+2%)
  15. Square Meal (+4%)
  16. Debenhams Flowers (+6%)
  17. Seranta Flowers (+8%)

Above figures based on the average Brit having a security index rating of 57.1% (Dashlane users)

View all posts by Tom Posted in #fixtheinternet, E-commerce, Security, Security Roundup | Comments Off

Every time you learn about a big data breach, the experts advice is always as follows: Change your password now and anywhere you’ve reused it. “Anywhere you’ve reused it” can be just a few online accounts or nearly all of them, which turns changing your password into a big, time-consuming undertaking… until today!

Today we introduce Password Changer, a groundbreaking feature that saves you loads of time spent changing passwords manually. With one click in Dashlane, Password Changer updates your passwords on sites and saves in Dashlane, automatically!

password changer

Password Changer works on the top 50 sites in the US (with more sites and countries on the way).  You can change one or a bunch of passwords at a time – you decide. And it even works with sites where you use two-factor authentication or where you need to answer a security question.

The full list of support sites, where you can also request any additions, is available here. You can also visit out Help Center to learn more about how Password Changer works.

Password Changer is available in Dashlane on Mac and PC. Try it today & let us know what you think!

dashlane upgrade

View all posts by Ashley Thurston Posted in Features | 2 Comments

Dashlane’s first quarterly Personal Data Security Roundup was released today! The roundup takes a look at password policies of the top 100 e-commerce sites, and the results are staggering.

Most e-commerce sites, which often store their users’ personal info, including credit cards, have password policies that seem to be from a more naive era… perhaps one not riddled with account crackings and data breaches. Here’s an infographic of what the results of our study show:

Click on the infographic for full size version.

INFOGRAPHIC - THE ILLUSION OF PERSONAL DATA SECURITY IN ECOMMERCE

Key findings:

  • 55% still accept notoriously weak passwords such as “123456” or “password”
  • 51% make no attempt to block entry after 10 incorrect password entries (including Amazon, Dell, Best Buy, Macy’s and Williams-Sonoma)
  • 64% have highly questionable password practices (receiving a negative total score in the roundup)
  • 61% do not provide any advice on how to create a strong password during signup, and  93% do not provide an on-screen password strength assessment
  • Only 10% scored above the threshold for good password policies (i.e. 45 points or more in the roundup)
  • 8 sites, including Toys “R” Us, J.Crew and 1-800-Flowers.com, send passwords in plain text via email

Your password is barricade between you (and anyone else) and your account. They should be long (more than 8 characters) and complex (include a letter, number, a mix of upper and lower case letters, and/or symbols).

The easiest way to create and remember strong passwords is with a password manager, like Dashlane, which generates unique passwords for you, saves them to your account, and autofills them online. Your data is protected with world-class security and encryption, and is only accessible to you. Learn more and get it free at here.

The full study and methodology behind this roundup can be found here. The press release is also available here. For questions, contact ryan(at)dashlane.com.

View all posts by Ashley Thurston Posted in E-commerce, Infographics, Press, Security, Shopping | 3 Comments

We’re excited to inform you that Dashlane 2.0 is here, and it’s on its way to your device! 

dashlane 2.0 on Mac

It’s the biggest update in Dashlane history. We have a new updates across the board – Mac, PC, iOS and Android – in addition to a spanking new website, and new features. Read on for details.

 Dashlane on desktop (Mac and PC) got a brand new interface.

In addition to our slick new interface, we also redesigned our security dashboard to make it even easier to see what passwords are putting you at risk. Plus, our new security score lets you instantly see your password health in a nutshell. Follow our easy tips to quickly improve your security score, and thus, your online security.

security-dashboard

We’ve also made significant improvements to our autofill, which now handles 2-step and 3-field logins, such as banks. Plus, we’ve enhanced the way Dashlane captures your purchases, giving you improved itemized receipts and screenshots of your purchases.

Dashlane for Android is packed with new features.

Our latest Android version comes packed with a brand new in-app browser that gives you all the form-filling power that you enjoy on desktop. You can now automatically log in to your accounts, autofill forms, autosave new passwords, and use our strong password generator to create new passwords on the fly.

dashlane on android
Dashlane for Android 2.0 also includes
tablet compatibility for Android (versions 2.3 and higher), so you can now have Dashlane synced to all your Android devices. The new update also includes portrait/landscape orientation to enhance your Dashlane experience.

dashlane android tablet


 2-Factor Authentication using Google Authenticator – available everywhere.

enabling google autheticator Also in this update, we’ve added compatibility with Google Authenticator on Mac, PC, iOS, and Android. Now you can add another layer of 2-factor authentication to your login, either for each time you log in to Dashlane or only when you want to authenticate a new device.

To enable additional 2-factor authentication, simply go to your security settings in the desktop app, switch it on, and follow the instructions. If you need additional help, visit our FAQ.

Our New Premium Offering
We’re introducing our new premium offering in Dashlane 2.0. It’s a whole lot clearer, and gives you our full functionality on any given device for free, so you can experience the awesome security and convenience that Dashlane provides. For $19.99 per year, Dashlane Premium subscribers can enjoy:
  • Secure backup of their data to our cloud servers
  • Automatic syncing between an unlimited number of devices
  • Web access to your logins and passwords
  • Priority user support
We have a spanking new website, too!
If you haven’t checked it out already, we have a brand new website that’s a much slicker, easier to understand, and reflects all the new changes in Dashlane. 

dashlane website 2.0

Additional changes in the app
  • At the launch of Dashlane 2.0, points officially retired. You’ve been compensated with lifetime access to all the features that you could have unlocked with your points, not to mention the new free features in this update. 
  • Badges have moved to the web-app, so you can view all of them by logging in to your account and going to “My Badges”. 
  • We’re also carrying on with our awesome referral benefits! For each friend that you refer to Dashlane, you get 6 months of Dashlane Premium for free – and so will your friend! So, same as before, you can unlock Premium for free by referring friends using your unique referral code.

It’s been a lot of hard work to pull all of this together, and we hope you enjoy the new update. More details on our 2.0 update are available in the release notes on our website

Share your thoughts on the update in the comments – we’d love to hear your feedback! Enjoy the update, and thanks for supporting Dashlane!  

View all posts by Ashley Thurston Posted in Convenience, Features, Mobile, Security, Updates, We Love Our Users | 18 Comments