Sharing data in emails or texts is not secure but using Dashlane's Sharing Center is.
Each time you share a password or any sensitive information by email, the information is copied in plain text in:
- The 'Sent' folder in your email provider's inbox
- The 'Sent' folder on all other devices connected to your inbox
- Your email provider's servers
- Your recipient’s email provider's servers (which may actually include several different locations and data centers)
- Your recipient’s computers or devices
Sharing this information through instant messaging apps is also insecure since the information is usually not encrypted and is sent in plain text on the network. This means your information can be read by the company running the messaging service, and conversations are also generally saved in the history by these applications.
How is the Dashlane sharing feature different from using normal messaging apps or email?
By using Dashlane's Sharing feature, your data is encrypted using strong encryption before being sent over the internet. You and the user you share an item with are the only ones who can access the items. It is impossible for anyone, even for Dashlane employees, to access the data you share with other people.
How does the magic happen?
Whenever you share data, the data is encrypted and decrypted using a public-key (or asymmetric) cryptography protocol. Each Dashlane user has a set of two keys that are generated for them upon creating their account:
- A unique public key that is used to encrypt the data that others share with you. If for instance, you share a password with another Dashlane user, Dashlane will encrypt the password using the public key of that user. If someone shares a password with you, the item that they share with you will be encrypted using your public key.
- A unique private key, known only to you and never transmitted to others, which is directly saved in your Dashlane account and encrypted at all times with your Master Password. A user's private key is the only thing that can be used to decrypt data encrypted with that user's public key. So, if someone has shared a password with you, and therefore encrypted it with your public key, Dashlane will be able to decrypt that password for you by using your private key.
Both keys are generated together when your account is created, and they only work together. Other Dashlane users use your public key to encrypt the data that they want to send you, data which you then decrypt by using your private key, to which only you have access and which is protected by your Master Password.
For more information on security and encryption, please click here.