About three weeks ago, New York City-based Dashlane announced Project Mirror, an initiative it said would kill the password.
Of course, the company — responsible for one of the more popular and capable password managers available to Android and iOS users — is not the first to promise that final, much-needed death of the password.
Abacus’ premise was that it was going to use multiple supporting biometrics to establish a user’s identity. Almost two years later, Google has yet to provide an update on the platform — in fact, there’s currently no mention of Abacus on ATAP’s website.
However, even if passwords continue to be the way in which internet users secure their online identities, something has to change.
According to Ryan Merchant, a senior manager at Dashlane, the average North American internet user has approximately 150 accounts to their name. By 2022, a mere four years from now, Dashlane predicts that number will increase to 300.
Following the recent Equifax and Yahoo breaches, the company conducted a survey that found 82.41 percent of respondents concerned about their online safety. And yet in that same study, eight in 10 respondents said they re-use at least one major password.
Meanwhile, a recent PEW Research Center study found that only 12 percent people use a password manager. Anecdotally, Merchant says an even smaller number of people either know what two-factor authentication is, or use an app like Authy (Android and iOS) to add an extra layer of security to their online accounts.
“In the tech world, we assume everyone is using a password manager, but the number of people using them globally is minuscule,” he says over the phone. “Our greatest competitor is actually people doing nothing.”
This is where Project Mirror comes into play.
Rather than representing an attempt to eliminate the password, Project Mirror wants to make it a lot easier to manage all of one’s passwords by automating the process of creating, storing and entering them. It’s about stopping people from re-using passwords.
If this sounds a lot like what Dashlane and other password managers already do, it is, but inherent in Project Mirror is Dashlane’s desire to make its app even easier to use, so that everyone can take benefit from its security-focused features.
It’s for this reason that Project Mirror has a chance to succeed where other similar attempts have failed.
Dashlane will launch Project Mirror when it releases the first feature associated with the platform, Critical Account Protection, later this year.
Critical Account Protection is an amalgamation and improvement of two existing Dashlane features.
The first is called Inbox Scan, which Dashlane initially launched in 2015, while the second one is the company’s automatic password changer.
The revamped Inbox Scan will provide Dashlane users with an overview of the total number of accounts associated with their email — highlighting important ones, in addition to providing an overall count. The feature will also flag any compromised accounts (think: Have I been pwned?), as well as provide a visual snapshot of users’ account activity.
The utility of the improved Inbox Scan is that it will provide Dashlane users with an overview of all their online identities, as well as remind them of any online accounts they may have forgotten they ever had.
Meanwhile, Dashlane says it will make its automatic password changer feature compatible with a greater variety of websites. In addition, it will work faster, allowing users to change a greater number of passwords simultaneously.
Used in combination, the goal of these two features is to make it easier than ever for Dashlane users to create a different, secure password for every account they have online.
If a hacker gains access to one of their accounts through the negligence of a major online platform, Inbox Scan will notify users of the breach, while the automatic password changer will allow them to change any compromised passwords without fuss.
Again, it’s all about ensuring that internet users have a different password for every single account associated with their online identity.
“One of the big misconceptions when it comes to online security is that there’s an ideal password,” says Merchant. “I can give you the most secure password in the world, but if you’re using that same password every single account you have, all it takes is one breach and hackers have access to your personal information.”
Passwords are the first and sometimes only line of defence internet users have against a hacker gaining access to their personal information.
Merchant points to the recent Yahoo and Uber breaches, where the two companies waited to disclose that they were hacked, as one of main reasons why internet users need to be proactive in creating a different password for each of their online accounts.
It’s important to both Merchant and Dashlane to make managing online accounts even easier than it is today.
“It’s about making passwords and security simple for everyone,” he says. “From our perspective, the people following these breachers are starting to realize, on the security end, how vulnerable they are. They see these breaches happen, but they still don’t know what do, and even if they do, they’re often intimidated by it. This is a big first step for us, making it even easier for everyone, so that everyone can control their online security on their own.”
He goes on to compare what Dashlane is trying to achieve with Project Mirror to what Google was able to accomplish with Search.
“We’re trying to synthesize all this stuff and make it easy,” says Merchant. “Google won the search engine wars because their product was easy to use and it worked well. That’s the same approach we have with this. Security is so intimidating to most people.”
“This is what we do. This is what our expertise is in, and this is our business,” he says. “We are more focused on it than probably any other company in the world. I know that’s a big statement, but it’s true. We look this issue as being critical.”