Make us your home page

A way around the password memorization problem

"If you want to avoid having your identity stolen, use long passwords that contain digits, punctuation and no recognizable words. Make up a different password for every website. And change all of your passwords every 30 days."

Have these security pundits ever listened to themselves?

That advice is clearly un-followable. I currently have account names and passwords for 87 websites (banks, airlines, blogs, shopping, email, Facebook, Twitter). How is anyone supposed to memorize 87 long, complex password strings?

So most people use the same password over and over again, and live with the guilt.

There are solutions. Most Mac and Windows Web browsers now offer to memorize passwords for you. But that feature doesn't work on all websites, and is generally of little help when you pick up your phone or tablet.

The only decent solution is to install a dedicated password memorization program (like Roboform, KeePass, LastPass, 1Password, and so on). Recently, one of the best was improved: Dashlane, now at 2.0. It's attractive, effective, loaded with timesaving features and available for Mac, Windows, iPhone and Android — and it's free.

Installation is quick. Dashlane works in Safari, Chrome, Internet Explorer and Firefox. It can import existing password "vaults" from rival programs.

Dashlane has two primary features. First, yes, it's a password memorizer. Every time you type your account name and password into a Web page and press enter, Dashlane pops up, offering to memorize that information and fill it in the next time.

It also offers to log you in — not just to enter your password, but also to click "log in" for you. In effect, Dashlane has just removed the login blockade entirely. When you go to Facebook, Twitter or Gmail, you just click your bookmark, smile at the briefest flash of the login screen and arrive at the site.

Because Dashlane is now storing and auto-entering your passwords, you're now free to follow the security experts' advice. You can make up long, unguessable passwords — a different one for every website, because you don't have to remember any of them. Each time you sign up for a new account, Dashlane offers to make up such a password for you, and then, of course, to memorize it.

Dashlane's second huge feature is even more amazing. It can also fill in other kinds of website forms: your name, address, phone number, and even your credit card information.

Dashlane notes that it doesn't ever see your passwords or your credit card information. They're all stored on your own computer, encoded by the AES-256 encryption method, an open-source standard approved by the National Security Agency. In version 2.0, you have the option of using two-factor authentication — fancy lingo for an extra layer of security.

But Dashlane doesn't work in the built-in browser on the iPhone. Instead, it offers its own little iPhone browser.

The what-ifs of relying on Dashlane

. You forgot to explain what we can do to recover our passwords when our laptop disk crashes, or the Dashlane program itself gets corrupted.

That's not a Dashlane question. That's a "Why don't you back up your computer?" question. If you don't back up, you should probably subscribe to the $20-a-year Dashlane Premium, which backs up your password stash online, automatically. Or, worst case, you could go to each website and click the "I forgot my password" link. The site sends you a temporary new password by email.

. What happens if someone steals my laptop? Now they have access to all my websites.

You can't use Dashlane without entering the master password each day. But you can also remotely disable the stolen laptop's copy of Dashlane at

. My wife and I share a computer. We have separate user names for bank, credit card, airline and other accounts. How does Dashlane differentiate multiple user names for the same website?

A Dashlane can store multiple name/password combinations for each site.

. When I die, how will my wife or kids get to all my accounts, especially the financial ones?

You could share the master password with your wife and children. Worst case, again, your survivors could use the "I forgot my password" link on each website.

. What happens if one uses more than one computer? For example, I have a PC at work and a couple of Macs at home.

If you sign up for Dashlane Premium ($20 a year), your password vault is synched across all your Macs, PCs, iPhones and Android phones. Alternatively, you could install the free copy on each machine, and just export your password collection from one computer to the other, using the steps on the Dashlane website.

. How can we be absolutely, 100 percent certain that Dashlane is itself 100 percent secure? They say they don't have access to our passwords, but couldn't they be lying?

There is no way to know 100 percent. There is also no way to be 100 percent sure that your phone company isn't listening in to your calls, that your credit company isn't laughing at your list of purchases or that your GPS device isn't tracking your every move.

A way around the password memorization problem 07/20/13 [Last modified: Sunday, July 21, 2013 6:28pm]
Photo reprints | Article reprints

Copyright: For copyright information, please check with the distributor of this item, New York Times.

Join the discussion: Click to view comments, add yours

  1. Last orca calf born in captivity at a SeaWorld park dies


    ORLANDO — The last killer whale born in captivity under SeaWorld's former orca-breeding program died Monday at the company's San Antonio, Texas, park, SeaWorld said.

    Thet orca Takara helps guide her newborn, Kyara, to the water's surface at SeaWorld San Antonio in San Antonio, Texas, in April. Kyara was the final killer whale born under SeaWorld's former orca-breeding program. The Orlando-based company says 3-month-old Kyara died Monday. [Chris Gotshall/SeaWorld Parks & Entertainment via AP]
  2. Miami woman, 74, admits to voter fraud. Does jail await, or will she go free?

    State Roundup

    MIAMI — An 74-year-old woman pleaded guilty Monday to filling out other people's mail-in ballots while working at Miami-Dade's elections department.

    Gladys Coego
  3. Bigger ships carry Georgia ports to record cargo volumes

    Economic Development

    SAVANNAH, Ga. — Bigger ships arriving through an expanded Panama Canal pushed cargo volumes at Georgia's seaports to record levels in fiscal 2017, the Georgia Ports Authority announced Monday.

    The Port of Savannah moved a record 3.85 million container units in fiscal 2017, the state said, benefiting from the larger ships that can now pass through an expanded Panama Canal.
  4. Dragon ride in Harry Potter section of Universal closing for new themed ride


    Universal Orlando announced Monday that it will close Dragon Challenge for a new "highly themed" Harry Potter ride to open in 2019 — sending wizard fans into a guessing game with hopes for a Floo Powder Network or the maze from the Triwizard Tournament.

    Universal Orlando announced Monday that it will close Dragon Challenge on Sept. 5 for a new "highly themed" Harry Potter ride to open in 2019. The ride, originally the Dueling Dragons roller coaster, was renamed and incorporated into the Wizarding World of Harry Potter when the hugely popular area opened in 2010.
  5. Would you let your company implant a chip in you?

    Working Life

    Would you ask an employee to get a chip implanted in her hand? Sounds invasive and intrusive. But come Aug. 1, one company in Wisconsin will be giving it a try.

    Three Square Market - a developer of software used in vending machines - is offering all of its employees the option to get a microchip implanted between the thumb and forefinger. [Photo from video]