An OTP key—a device that provides a "one time password"—can be used as your two-factor authentication, and add an extra layer of security to your Dashlane account. Someone trying to access your data would need not only your Master Password, but also need access to the OTP security key you used to set up your 2FA.
Keep in mind that this means that you must always have access to that security key, or else the back-up solutions that we offer when activating two-factor authentication.
Contents
Prerequisites
Naturally, to use this feature you first need to have an OTP-compatible security key. These can be purchased from Yubico's website. YubiKey Standard and YubiKey Nano are OTP-only models that you can choose.
On Windows, you will need to download the Yubico Authenticator to set-up two-factor authentication and generate codes.
Please note that only 6-digit codes can be used with Dashlane. Make sure that you are not generating 8-digit codes.
Lastly, you will also need to make sure you have available configurations in your YubiKey. If all your configurations are currently used, you will need to download the YubiKey Personalization Tool to delete a configuration.
Also, remember that two-factor authentication replaces the security codes which would be normally sent to you by e-mail when authenticating a new device or resetting your account.
If you own a security key that is compatible with both OTP and U2F, and if you also wish to use that same security key to activate U2F in Dashlane, we strongly recommend that you do not use its OTP function to replace your two-factor authentication app.
Steps to enable two-factor authentication
To enable two-factor authentication, on Windows go to Tools > Preferences, and on macOS select Dashlane > Preferences in the menu bar at the top of the screen.
Open the Security tab, and click on the Two-Factor Authentication sub-tab. Here, click on the lock icon at the bottom of the window to unlock the Settings (you will be prompted to enter your Master Password), then click on the switch to enable two-factor authentication.
Choose one of the two different security levels available:
Only when I add a new device to my account means that you will need to authenticate yourself via your second factor only when an unauthorized device is used to access your Dashlane account. Once authenticated, we will never ask you to repeat this step on that device.
Each time I log into Dashlane is the most secure setting. You will need to authenticate yourself via your second factor each time your Dashlane account is accessed.
Note that you will need to disable two-factor authentication and re-enable it altogether if you wish to switch between security levels.
Then copy the secret key that is currently displayed above the QR code by Dashlane.
Now, make sure your YubiKey has been inserted into a USB port on your computer, then click here to download the Yubico Helper app for Windows: YubiKey TOTP Application for Windows. Run the app, right-click the Yubico TOTP generator icon in your Windows taskbar and click on Show configuration window. Once the Yubico TOTP generator window opens, choose an available config (1 or 2) and click on Check.
The app will tell you if that particular configuration is available.
Please then paste the secret key previously copied from Dashlane into the Paste key data here field.
Your Yubico Helper app will then start generating 6-digit codes for Dashlane. While using the config corresponding to Dashlane, please click on the OTP to clipboard button to copy a code generated by the app and paste it into the same Dashlane window from which you got your secret key before, into the field at the bottom.
Remember that two-factor authentication replaces the security codes which would be normally sent to you by e-mail when authenticating a new device or resetting your account.
As such, Dashlane offers you two different back-up solutions in case you lose your mobile device or cannot use it anymore: A back-up phone number, or else back-up codes.
Back-up phone number
If you lose your mobile device, we will send a code to a phone number that will allow you to disable two-factor authentication.
If you get a new phone or want to change the number, you must disable and re-enable two-factor authentication again with the new number.
Back-up codes
The other way of disabling two-factor authentication is to use unique back-up codes provided by Dashlane. Use one of them (in addition to your Master Password) instead of your second factor to temporarily bypass the two-factor authentication and access your account. Note that each of back-up code can only be used once!
Make sure to safely save these codes outside of Dashlane for later use.
Your two-factor authentication is now set-up!
How to sign-in to your Dashlane account if two-factor authentication is enabled
Now that two-factor authentication is set up:
- To log in to Dashlane, open the app on Windows or Mac OS X and first enter your Dashlane email address
- Enter your Master Password and click on Log in
- When a security code will be required, copy that code from your Yubico Helper app by clicking on the OTP to clipboard button, and paste that code into the dedicated field on the Dashlane app
How to disable two-factor authentication
You will need to use your Yubico Helper app one last time in order to disable two-factor authentication. If you have lost your YubiKey, click here to learn how to use one of your back-up solutions instead.
- Go to the Security tab in Dashlane's Preferences, and to the Two-Factor Authentication sub-tab
- Unlock the settings by clicking on the lock icon at the bottom left corner of the window
- Click on the switch to disable two-factor authentication
- Confirm that you only want to use your Dashlane ID and Master Password to open your account now
- Get a code from your Yubico Helper app by choosing the config corresponding to Dashlane and clicking OTP to clipboard (alternatively, you can use one of your back-up codes), then paste the code into the provided field when requested by Dashlane.
Two-factor authentication is now disabled!
Note that after two-factor authentication has been deactivated, you will have to re-authenticate all your other devices using our standard security codes sent to you by e-mail.