Secure and Encrypted Password Manager

Our security model in a nutshell:

AES-256
Encryption

Your
encryption
key is not
recorded

Local-only
or synced -
YOU choose

Two-factor
authentication

AES-256 encryption (the world's leading standard), with 10,000+ rounds of PBKDF2 salt. Open source, yet remains uncracked. Widely-accepted as the strongest encryption there is. See a sample encrypted file .

The key that encrypts your data is derived from your Master Password. There is by default NO RECORD of them anywhere in the universe – not on your device, never on our servers and never transmitted on the web.

You can choose to have your private, encrypted data never leave your device. Or, seamlessly sync your data (AES-256 encrypted, of course,) via our servers to multiple devices.

You can add two-factor authentication with Google Authenticator to bring yet another layer of security to access your data. Read more about Google Authenticator.

AES-256
Encryption

Your
encryption
key is not
recorded

Local-only
or synced -
YOU choose

Two-factor
authentication

You can choose to have your private, encrypted data never leave your device. Or, seamlessly sync your data (AES-256 encrypted, of course,) via our servers to multiple devices.

You can add two-factor authentication with Google Authenticator to bring yet another layer of security to access your data. Read more about Google Authenticator.

What this means for your data:

Your data is encrypted with the strongest algorithm there is, and we've chosen an incredibly stringent way to implement it as well - a hacker's nightmare

Because we don't record your Master Password or any hash/derivative of it on our servers (i.e. we literally "throw away the key"), your data can be decrypted ONLY BY YOU - not even Dashlane has access to your data

If you're worried about your "data in the cloud", you can choose to keep your encrypted data purely local - i.e. only on your device

To layer up even further, you can use two-factor authentication with Google Authenticator, which adds another independent lock and key to get to your data

FAQ:

How is it that Dashlane doesn't store even a derivative of my Master Password? Doesn't your app need it to work?
Dashlane doesn't need your Master Password. We authenticate you based on your machine (and not any password.) You use your Master Password to only decrypt your own data locally on your computer, and your data is successfully decrypted only if you provided the right one.
What if Dashlane gets hacked?
We take incredible care to keep our servers secure. However, the only thing that allows us to sleep at night is knowing that the data in our cloud is always encrypted with AES-256, with a unique key for each user that isn't recorded anywhere. Without these keys, this encrypted data is useless to anyone, including us.
Why is my data safe in the cloud?
For the same reason as above. Our cloud only has your encrypted data, which is useless without your unique Master Password-derived key (because of the super-strong AES-256 encryption algorithm.) And we don't have any record of these keys anywhere.
What happens if I forget my Master Password?
Because we never store even a derivative of your Master Password, we cannot recover your data if you forget it - you need to start over with Dashlane. Our users understand that this is the only way for us to ensure that their data is inaccessible to anyone but them.

Maximum security for your data.

Our security model in a nutshell:

What this means for your data:

FAQ: