One of the best password managers around has announced a new feature that will let its users login to their vaults with a master password.
Passwordless Login will instead let users secure their Dashlane account with whatever they use to lock their smart device, such as their PIN or biometric data, which commonly means your fingerprint or face.
The platform was the first to accommodate passkeys, the new passwordless technology that has the support of big tech companies like Apple, Google and Microsoft, to name a few. In the same vein, Dashlane has now extended the use of passwordless technology to secure the vaults of their users themselves.
Not quite passkeys
Credential security is more important than ever, as the amount of digital accounts we hold today continues to rise at a rapid rate. This also means, however, that issues around passwords have also multiplied. Dashlane cites a report from Gartner that found 20-50% of all helpdesk calls are related to password resets.
Although password managers are designed to eliminate the most common problem associated with passwords, a master password is still needed to access your stored passwords themselves, and needs to be committed to memory.
Dashlane hopes that with the optional removal of a master password, there is now one less worry in your world of credentials.
Dashlane claims its new passwordless way to access your account is phishing resistant, since there is no phrase to phish for. It also said that “passwordless accounts that don’t suffer from the vulnerabilities of traditional passwords and multifactor authentication (MFA). Not only does this strengthen overall security posture, it removes user friction and provides a more accessible way for people to access their accounts and protect their personal information.”
Although it doesn’t use the exact same technology as passkeys – despite Dashlane becoming a board-level member of the FIDO alliance, which sets the standards for passkey technology – the new Passwordless Login does still use cryptographic keys. These are “generated with Elliptic-curve Diffie-Hellman (ECDH) to assist with securely exchanging secrets between devices, making setting up a new device fast and secure and regaining access simple.”
Despite the keys being stored on device, Passwordless Login is cross-platform, and is also “agnostic to the state of a user’s hardware and software.” It should also make the process of signing in faster too.
In addition, Dashlane has also provided a passwordless recovery method for Dashlane account users should they lose their device, called the Dashlane Account Recovery Key, which will also be available for current users who still use a master password.
Spelling out Dashlane’s intentions going forward, CEO John Bennett said,”Unveiling today’s passwordless technology marks a significant milestone in our journey towards a future with no passwords.”
New Dashlane users will be able to set up an account without a password in the coming months, whilst existing customers will be able to make the switch later this year as their roll out begins.