7 comments

[ 2.7 ms ] story [ 23.0 ms ] thread
The concept is really, really good! I'm curious how they had all these providers let them change users' passwords though, most of them don't have any public APIs for that.
Disclaimer: I work there We don't use any APIs, we just get in there with a headless browser (phantom) and mimic the user actions to change his password.
Won't you get targeted by anti-bot systems pretty quickly? Are you doing these changes on the user's computer or in the cloud?
>> Are you doing these changes on the user's computer or in the cloud?

I'm surprised this wasn't covered in the blog or FAQ. Seems like an important detail that security-minded customers would care about.

Can someone smarter than myself tell me how secure this is? If I was a hacker wouldn't i just hack Dashlane and have all the passwords?