To add an extra layer of security to your Dashlane account you can use two-factor authentication, or 2FA. With 2FA, an additional code will be required in addition to your Master Password to verify that it's you accessing the account. Someone trying to access your data would need not only your Master Password, but also need access to the OTP security key you used to set up your 2FA.
Keep in mind that this means that you must always have access to that security key, or else the back-up solutions that we offer when activating two-factor authentication. Also, note that two-factor authentication replaces the security codes which would be normally sent to you by e-mail when authenticating a new device or resetting your account.
In order to use two-factor authentication via an OTP security key, you first need to have an OTP-compatible security key. They can be purchased from Yubico's website. YubiKey Standard and YubiKey Nano are OTP-only models that you can choose.
On Windows, you will need to download the Yubico Authenticator to set-up two-factor authentication and generate codes.
Please note that only 6-digit codes can be used with Dashlane. Make sure that you are not generating 8-digit codes.
Lastly, you will also need to make sure you have available configurations in your YubiKey. If all your configurations are currently used, you will need to download the YubiKey Personalization Tool to delete a configuration.
If you own a security key that is compatible with both OTP and U2F, and if you also wish to use that same security key to activate U2F in Dashlane, we strongly recommend that you do not use its OTP function to replace your two-factor authentication app.
Steps to enable two-factor authentication step-by-step
To enable two-factor authentication, on Windows go to Tools > Preferences, and on macOS select Dashlane > Preferences in the menu bar at the top of the screen.
Open the Security tab, and click on the Two-Factor Authentication sub-tab. Here, click on the lock icon at the bottom of the window to unlock the Settings (you will be prompted to enter your Master Password), then click on the switch to enable two-factor authentication.
Choose one of the two different security levels available:
Only when I add a new device to my account means that you will need to authenticate yourself via your second factor only when an unauthorized device is used to access your Dashlane account. Once authenticated, we will never ask you to repeat this step on that device.
Each time I log into Dashlane is the most secure setting. You will need to authenticate yourself via your second factor each time your Dashlane account is accessed.
Note that you will need to disable two-factor authentication and re-enable it altogether if you wish to switch between security levels.
Then copy the secret key that is currently displayed above the QR code by Dashlane.
Now, make sure your YubiKey has been inserted into a USB port on your computer, then click here to download the Yubico Helper app for Windows: YubiKey TOTP Application for Windows. Run the app, right-click the Yubico TOTP generator icon in your Windows taskbar and click on Show configuration window. Once the Yubico TOTP generator window opens, choose an available config (1 or 2) and click on Check.
The app will tell you if that particular configuration is available.
Please then paste the secret key previously copied from Dashlane into the Paste key data here field.
Your Yubico Helper app will then start generating 6-digit codes for Dashlane. While using the config corresponding to Dashlane, please click on the OTP to clipboard button to copy a code generated by the app and paste it into the same Dashlane window from which you got your secret key before, into the field at the bottom.
Dashlane will then offer you two different back-up solutions in case you lose your mobile device or cannot use it anymore, a back-up phone number or back-up codes:
Back-up phone number
If you lose both your mobile device, we will send a code to that number that will allow you to disable two-factor authentication. You cannot change this back-up number later, therefore if you get a new phone, you will have to disable two-factor authentication and then re-enable it again with your new number.
The other way of disabling two-factor authentication is to use one of the unique back-up codes you will be provided with. Use one of them (in addition to your Master Password) instead of your second factor to temporarily bypass the two-factor authentication and access your account. Note that each of back-up code can only be used once!
Make sure to safely save these codes outside of Dashlane for later use.
Your two-factor authentication is now set-up!
How to sign-in to your Dashlane account if two-factor authentication is enabled
Now that two-factor authentication is set up:
- To log in to Dashlane, open the app on Windows or Mac OS X and first enter your Dashlane email address
- Enter your Master Password and click on Log in
- When a security code will be required, copy that code from your Yubico Helper app by clicking on the OTP to clipboard button, and paste that code into the dedicated field on the Dashlane app
How to disable two-factor authentication
You will need to use your Yubico Helper app one last time in order to disable two-factor authentication. If you have lost your YubiKey, click here to learn how to use one of your back-up solutions instead.
- Go to the Security tab in Dashlane's Preferences, and to the Two-Factor Authentication sub-tab
- Unlock the settings by clicking on the lock icon at the bottom left corner of the window
- Click on the switch to disable two-factor authentication
- Confirm that you only want to use your Dashlane ID and Master Password to open your account now
- Get a code from your Yubico Helper app by choosing the config corresponding to Dashlane and clicking OTP to clipboard (alternatively, you can use one of your back-up codes), then paste the code into the provided field when requested by Dashlane.
Two-factor authentication is now disabled!
Note that after two-factor authentication has been deactivated, you will have to re-authenticate all your other devices using our standard security code system that works by e-mail.