Protect your account using Two-Factor Authentication via an OTP Security Key
To increase the security of your account, Two-Factor Authentication can be enabled from the Preferences of the Dashlane application. An additional code will then be required each time you need to authorize a new device to access your account, or even each time you log in to your account (that is for you to choose). Please note that Two-Factor Authentication completely replaces the security codes which would be normally sent to you by e-mail when authenticating a new device, or resetting/deleting your account.
What is Two-Factor Authentication
Two-Factor Authentication (2FA) is a feature that will keep your account even safer in the event someone manages to get access to your master password. With 2FA, a hacker will not be able to access your data unless he/she also has a hold of the OTP Security Key you used to set up Two-Factor Authentication with. Of course, this means that you must always have access to that Security Key (or the back-up solutions that we offer when activating Two-Factor Authentication!)
In order to use Two-Factor Authentication via an OTP Security Key, you first need to have an OTP-compatible Security Key. They can be purchased from Yubico's website. YubiKey Standard and YubiKey Nano are OTP-only models that you can choose.
You will also need to download the Yubico Helper app (for Windows only) to set-up Two-Factor Authentication and generate codes.
Please note that only 6-digit codes can be used with Dashlane - make sure that you are not generating 8-digit codes.
Lastly, you will also need to make sure you have available configurations in your YubiKey. If all your configurations are currently used, you will need to download the YubiKey Personalization Tool to delete a configuration.
If you own a Security Key that is compatible with both OTP and U2F, and if you also wish to use that same Security Key to activate U2F in Dashlane, we strongly recommend that you do not use its OTP function to replace your Two-Factor Authentication app.
How to enable Two-Factor Authentication step-by-step
To enable Two-Factor Authentication, go to Tools → Preferences on Windows or select Dashlane → Preferences in the menu bar at the top of the screen on macOS.
Open the Security tab, and click on the Two-Factor Authentication sub-tab. Here, click on the lock icon at the bottom of the window to unlock the Settings (you will be prompted to enter your master password), then click on the switch to enable Two-Factor Authentication
Choose one of the two different security levels available for Two-Factor Authentication:
Only when I add a new device to my account means that you will need to authenticate yourself via your second factor only when an unauthorized device is used to access your Dashlane account. Once authenticated, we will never ask you to repeat this step on that device.
Each time I log into Dashlane is the most secure setting. You will need to authenticate yourself via your second factor each time your Dashlane account is accessed.
Note: you will need to disable Two-Factor Authentication and re-enable it altogether if you wish to switch between security levels.
Then copy the secret key that is currently displayed above the QR code by Dashlane
Now, make sure your YubiKey has been inserted into a USB port on your computer, then click here to download the Yubico Helper app for Windows: YubiKey TOTP Application for Windows. Run the app, right-click the Yubico TOTP generator icon in your Windows taskbar and click on Show configuration window. Once the Yubico TOTP generator window opens, choose an available config (1 or 2) and click on Check.
The app will tell you if that particular configuration is available.
Please then paste the secret key previously copied from Dashlane into the Paste key data here field.
Your Yubico Helper app will then start generating 6-digit codes for Dashlane. While using the config corresponding to Dashlane, please click on the OTP to clipboard button to copy a code generated by the app and paste it into the same Dashlane window from which you got your secret key before, into the field at the bottom.
Dashlane will then offer you two different back-up solutions in case you lose your mobile device or cannot use it anymore:
Choose a back-up phone number. If you lose both your mobile device, we will send a code to that number that will allow you to disable Two-Factor Authentication. You cannot change this back-up number later, therefore if you get a new phone, you will have to disable Two-Factor Authentication and then re-enable it again with your new number.
The other way of disabling Two-Factor Authentication is to use one of the unique back-up codes you will be provided with. Use one of them (in addition to your master password) instead of your second factor to temporarily bypass the Two-Factor Authentication and access your account. Note that each of back-up code can only be used once!
Make sure to save these codes as a TXT document for later use.
Two-Factor Authentication should then be set-up with your account!
How to sign-in to your Dashlane account if Two-Factor Authentication is enabled
Now that Two-Factor Authentication is all set up, you can start using it!
- To log in to Dashlane, open the app on Windows or Mac OS X and first enter your Dashlane email address;
- Enter your master password and click on Log in;
- When a security code will be required, copy that code from your Yubico Helper app by clicking on the OTP to clipboard button, and paste that code into the dedicated field on the Dashlane app.
How to disable Two-Factor Authentication
You will need to use your Yubico Helper app one last time in order to disable Two-Factor Authentication. If you have lost your YubiKey, click here to learn how to use one of your back-up solutions instead.
Go to the Security tab in Dashlane's Preferences, and to the Two-Factor Authentication sub-tab
Unlock the settings by clicking on the lock icon at the bottom left corner of the window;
Click on the switch to disable Two-Factor Authentication
Confirm that you only want to use your Dashlane ID and master password to open your account now;
Get a code from your Yubico Helper app by choosing the config corresponding to Dashlane and clicking OTP to clipboard (alternatively, you can use one of your back-up codes), then paste the code into the provided field when requested by Dashlane.
Two-Factor Authentication is now disabled!
Note that after Two-Factor Authentication has been deactivated, you will have to re-authenticate all your other devices using our standard security code system that works by e-mail.