To increase the security of your account, two-factor authentication can be enabled in your Dashlane preferences. An additional code will then be required either whenever you authorize a new device to access your account, or else each time you log in to your account. Please note that two-factor authentication replaces the security codes which are normally sent to you by e-mail when authenticating a new device or resetting/deleting your account.
If you have a U2F security key and a Premium subscription, you can add this key to your Dashlane account for an extra layer of security and convenience. Please click here for more information.
- What is two-factor authentication?
- How to enable two-factor authentication
- How to sign-in to your Dashlane account once two-factor authentication is enabled
What is two-factor authentication?
Your account is already protected by something only you know, your Master Password. Two-factor authentication (2FA) allows you to protect it with something only you have, typically your mobile phone.
With 2FA, a hacker can't get at your data unless they also have a hold of the device you used to set it up. Naturally, this means that you must always have access to that device. But just in case, there are back-up solutions proposed when you activate the feature.
The two-factor authentication feature must be activated or deactivated on your desktop.
You need to have a TOTP-based authenticator installed on the mobile device you wish to use for your 2FA. TOTP stands for Time-based One-Time Password algorithm, but that's just a technical way of referring to a code that changes every, say, 30 seconds. A few examples are Authy (for iOS and for Android), Google Authenticator (for iOS and for Android), or FreeOTP (for iOS and Android).
Note that if you do not have a mobile device, you can, for instance, use WinAuth.
How to enable two-factor authentication
If you are a Free user, note that when you enable (or disable) two-factor authentication, you should do so from the device where your data is currently stored. Enabling 2FA triggers a re-encryption of your account and requires you to re-authenticate your other devices. This means that if you do this from a device where you do not see your data, your data will be lost.
To enable two-factor authentication, go to Tools > Preferences on Windows or select Dashlane > Preferences... on Mac OS X.
Open the Security tab, and click on the Two-Factor Authentication sub-tab. Here, click on the lock icon at the bottom of the window to unlock the Settings (you will be prompted to enter your Master Password), then click on the switch to enable two-factor authentication.
Choose one of the two different security levels available for two-factor authentication:
Only when I add a new device to my account means that you will need to authenticate yourself via your second factor only when an unauthorized device is used to access your Dashlane account. Once authenticated, we will never ask you to repeat this step on that device.
Each time I log into Dashlane is the most secure setting. You will need to authenticate yourself via your second factor each time you access your Dashlane account.
Note that to switch between security levels you will need to disable and re-enable two-factor authentication.
Now it is time to use your two-factor authentication app. We are going to use Google Authenticator here, but all two-factor authentication apps work similarly. Open the app on your mobile device, tap on the Menu icon located at the top-right corner and choose Set up account to add a new entry. If it’s your first time using a two-factor authentication app, you should be able to add a new entry by choosing Begin setup at the bottom.
Tap on Scan a Barcode if your mobile device has a camera. If your mobile doesn’t have one, choose Enter provided key instead.
Then, flash the QR bar code that is currently displayed by Dashlane with your mobile's camera, or manually enter your Dashlane email address and the secret key displayed above the QR code into your two-factor authentication app. In any case, your two-factor authentication app should then start generating 6-digit codes that change every 30 seconds.
Enter the code generated by your app into the field provided by Dashlane.
Dashlane will then offer you two different back-up solutions in case you lose your mobile device or cannot use it anymore:
Choose a back-up phone number. If you lose your mobile device, we will send a code to that number that will allow you to disable two-factor authentication. The back-up number cannot be changed later unless two-factor authentication is disabled in your Dashlane account. If you have changed your mobile phone number, you need to disable two-factor authentication and re-enable it with your new phone number.
The other way of disabling two-factor authentication is to use one of the unique back-up codes you will be provided with. Use one of them (in addition to your Master Password) instead of your second factor to temporarily bypass the two-factor authentication and access your account. Note that each of back-up code can only be used once!
Make sure to save these codes as a .txt document for later use.
And you're done setting up two-factor authentication on your account!
How to sign-in to your Dashlane account if two-factor authentication is enabled
Now that two-factor authentication is all set-up, you can start using it!
On Windows or Mac OS X
- To log in to Dashlane, open Dashlane and first enter your Dashlane email address.
- Enter your Master Password and click Log in.
- Finally, enter the 6-digit security code that has just been generated by your two-factor authentication app (example above) and click Log in once again.
- To log in to Dashlane on iOS, open Dashlane and first enter your Dashlane email address.
- Then enter your master password and tap on Log in.
- Now switch from Dashlane to your two-factor authentication app by pressing the iPhone main button twice.
- Tap once on the 6-digit code in your two-factor authentication app to copy it to your clipboard.
- Finally, switch back to Dashlane, paste the 6-digit security code there and tap on Log in.
If your security code does not work, make sure it is still valid in the application, and that you perform these steps fast enough, as new codes are generated every 30 seconds by your two-factor authentication app.
- To log in to Dashlane on Android, open Dashlane and first enter your Dashlane email address.
- Then enter your master password and tap on Log in.
- Now switch from Dashlane to your two-factor authentication app in order to get a valid 6-digit security code.
- Tap on the code in your two-factor authentication app to copy it.
- Finally, switch back to Dashlane, paste the 6-digit security code and tap on Log in.
Note that from the Settings of your Dashlane app, in the Security menu you can turn on the "Disable 2FA" switch. This setting is meant for users who use their Android device as their 2FA device, and who have a PIN or biometric login activated. It allows you, on this device only, to be asked for your 2FA code less often. Instead, you will only be asked to enter the 2FA code when you are logged out of Dashlane, such as when the device is revoked or you reinstall Dashlane, or if you change your Master Password.
If Google Authenticator codes are not working on Android, this might be because the time on your Google Authenticator application is not synced correctly. Please click here and go to the last section to see how to make sure you have the correct internal time for Google Authenticator.
On the web app
- To log in to Dashlane using the web app, first enter your Dashlane email address and click on Log in.
- Now open the two-factor authentication app on your mobile device.
- Copy the 6-digit code shown there into the Security code field in the web app.
- Finally, enter your Master Password in the first field, then choose a name for this computer or device if you wish (e.g. My laptop, Jim's computer) and click Log in.
How to disable two-factor authentication
Free users should remember to always enable or disable two-factor authentication from the device where your data is currently stored. If performed on a device where your data is not stored, you will lose your data.
Remember that this can only be done from your desktop device.
You will need to use your two-factor authentication app one last time in order to disable two-factor authentication. If you have lost your phone or tablet and cannot use your two-factor authentication app anymore, click here to learn how to use one of your back-up solutions instead.
Go to the Security tab in Dashlane's Preferences, and to the Two-Factor Authentication sub-tab. Unlock the settings by clicking on the lock icon at the bottom left corner of the window.
Click on the switch to disable two-factor authentication.
Confirm that you only want to use your Dashlane ID and Master Password to open your account.
Enter the code currently displayed in your two-factor authentication app, or else one of your back-up codes and click on Next.
Two-factor authentication is now disabled.
Note that after two-factor authentication has been disabled, you will have to re-authenticate all your other devices using our standard system of security codes sent to you by e-mail.