There's a war raging between hackers and companies, and you're caught in the crossfire. Every time a company gets hacked, you have to change your password. And don't you dare reuse it somewhere else.
黑客和企业之间在发生战争，而你也深陷其中。每次企业受到黑客攻击，你都不得不修改自己的密码，还不敢在其它地方重新使用这个密码。
Dreaming up a different password for every site and service is the only way to keep your stuff safe online, but it's also a gigantic nuisance. There's one thing you can -- and should -- do to help: Get a password manager program.
为每一个网站和每一项服务想一个不同的密码是让你的东西在网上获得安全保证的唯一办法，但这也是一件大麻烦事。对此，你能够、也应该做的一件事是：使用密码管理程序。
I have more than 150 different logins and counting. I'd have to be Rain Man to memorize that many passwords. So I went on a hunt for the best services for storing all my passwords, and whittled down the list to four that get the job done and offer enough security for most of us: 1Password, Dashlane, LastPass and PasswordBox.
我有150多个不同的登录名，这个数字还在增加。我必须成为雨人(Rain Man)才能记住那么多的密码。因此我开始寻找可以储存我所有密码的最好工具，最终将备选名单减少到四个：1Password、Dashlane、LastPass和PasswordBox。它们可以不辱使命并为我们大多数人提供足够的安全保证。
LastPass is a good choice for people who use newer technology like fingerprint scanners. For the really paranoid, 1Password offers the most control over where your encrypted vault of passwords gets stored.
LastPass对于使用指纹扫描仪等新技术的人来说是一个很好的选择，而对于真正的偏执狂来说，1Password可以对你的加密密码库的所在位置提供最优的控制服务。
For most people, I recommend Dashlane. It's simple, so you'll actually use it. It may even save you clicks.
对于大多数人，我推荐使用Dashlane。它很简单，所以你真的会用它，它甚至可以让你减少你点击鼠标的次数。
But, wait -- isn't storing all your passwords in one place a terrible idea? It's better than reusing easily remembered passwords everywhere. Password managers hide your information behind a master password that only you know.
不过，等等――把你所有的密码存放在一个地方，这难道不是一个可怕的想法吗？这总比在所有地方重复使用轻而易举就记得住的密码要好。密码管理器会把你的信息隐藏在一个只有你才知道的主密码后面。
Nothing is 100% guaranteed, but all four of these managers take the additional security step of never sending your master password over the Internet. They're like a safety deposit box that a professional keeps without knowing what's inside, or even holding a key to open it.
没有什么东西是有100%的保证的，但这四种密码管理器都采取了额外的安全措施，永远不会在互联网上发送你的主密码。它们就像一个保险箱一样，保管它的专业人士并不知道里面放的是什么，甚至没有打开它的钥匙。
In an age where more of our personal information lives, password protected, up in the cloud, we need defenses beyond antivirus software. Using a password manager is the next step.
在我们越来越多的个人信息通过密码保护的方式存储到云端的年代，除了杀毒软件以外，我们还需要额外的防护。使用密码管理器就是下一步要采取的措施。
Dashlane is like the memory you wish you had. It keeps track of not only passwords, but also credit card numbers and user IDs, filling them in when you need them across many different devices. It also keeps a helpful scorecard on the quality of your existing passwords, and nudges you to improve them.
Dashlane恰如你希望拥有的那种记忆力，它记录的不光是密码，还有信用卡卡号及用户名，当你在诸多不同设备上需要这些信息的时候就可以把它们填进去。Dashlane还有一个用处很大的记分卡，可以评估你现有密码的可靠性并敦促你加以改进。
Dashlane is free to use on any single device; a $30 annual subscription lets the Dashlane apps automatically sync your data across devices. You can try this premium service free for 30 days.
Dashlane在任何一台单一设备上都可以免费使用；缴纳30美元（约合人民币187元）的年费就可以让Dashlane应用软件自动同步你在各个设备上的数据，你可以免费试用这项高级服务30天。
Setting up Dashlane is a pleasure. Its app slurps up the passwords that been saved unencrypted in your Web browser, and learns new ones as you type them. All of this gets protected by the master password, encrypted in a database on your computer or mobile device. Every time you start your computer or open the Dashlane app, you must log into the app with that master password. (You can make it ask for your password more often, like whenever your device is idle for too long.)
安装Dashlane是一种乐趣。Dashlane应用会吞噬掉你在网页浏览器中没有加密的密码，并在你输入新密码时记住它们。所有这一切都得到一个主密码的保护，主密码在你的电脑或移动设备上的数据库中进行了加密。每次你启动电脑或打开Dashlane应用的时候，你必须用那个主密码登录进入该应用。（你可以让它更频繁地询问你的密码，比如当你的设备太长时间没有操作的时候。）
Dashlane uses an add-on to Web browsers, including Chrome, Firefox, Internet Explorer and Safari. When you're logging into a site Dashlane knows, it puts a small icon (a dashing impala) in the login box to let you know it can enter your username and password -- even your credit card number. If you tell it to, Dashlane will even press the 'login' button automatically. It doesn't work on every site, but does a better job than most.
Dashlane在网页浏览器上使用的是一个插件，适用的浏览器包括Chrome、火狐(Firefox)、IE（Internet Explorer）和苹果Safari。当你登录一个网站的时候，Dashlane是知道的，它会在登录框中放入一个小图标（一只奔跑的黑斑羚），以便让你知道它能够输入你的用户名和密码――甚至你的信用卡卡号。如果你令其这么做，Dashlane甚至会自动按下“登录”键。Dashlane的这种功能不是在每一个网站都能奏效，但比起其它大多数应用来效果好多了。
Along the way, Dashlane also tries to improve your security. When you're changing a password or starting a new account, it suggests a strong one that would confound even a supercomputer. And its colorful security scorecard cheerfully humiliates you into replacing weak or repeated passwords.
在这一过程中，Dashlane还会尽力提高你的安全保障。当你在修改密码或开启一个新账户时，它会建议设置一个甚至可以迷惑一台超级计算机的强效密码。它那五彩缤纷的安全记分卡会得意洋洋地奚落你，让你更换易被破解或重复的密码。
Where password managers really become helpful is keeping your passwords up-to-date across all sorts of devices -- computers, phones and tablets. (I ruled out the password keepers built into Google's Chrome browser and Apple's iCloud because neither works across all of my stuff.)
密码管理器真正有用的地方是让你的密码可以在各种设备上――电脑、手机和平板电脑――得到更新。（我排除了谷歌(Google) Chrome浏览器中内置的密码管理器和苹果(Apple)的iCloud，因为两者都不能更新我所有的设备上的密码。）
Dashlane works largely the same way on Android phones and tablets, automatically entering your passwords in apps, though not yet on the default Chrome browser. (The company says it is working on that.)
Dashlane在安卓系统(Android)的手机和平板上的工作方式大致相同，会自动在应用软件中输入你的密码，不过在默认的Chrome浏览器上还无法运作。（该公司说它正在解决这个问题。）
On iPhones and iPads, the Dashlane app allows you to copy and paste all of your logins and passwords into a browser, but can't fill them in for you because of Apple's programming rules. (The same problem afflicts most password managers except for PasswordBox, which has figured out a way to auto-login on a handful of big sites on mobile Safari.)
在iPhone和iPad上，Dashlane应用允许你将所有的登录名和密码复制、粘贴到浏览器，但碍于苹果公司的编程规则，它不能替你填写这些信息。（同样的问题还困扰着除PasswordBox以外的大多数密码管理器，PasswordBox已经找到一个办法在移动Safari浏览器上自动登录一些大的网站。）
If you share a computer with family members, Dashlane remembers multiple logins without asking you to set up profiles. And the company says it is close to launching a new families-and-teams version that will make it easier to sync passwords between people who share, say, an Amazon or Netflix account.
如果你与家人共用一台电脑，Dashlane不用让你设置配置文件就可以记住多个登录名。该公司说，它即将推出一款家庭-团队版本的新管理器，让那些共用亚马逊(Amazon)或网飞(Netflix)等账户的人之间可以更容易地同步密码。
Behind the scenes, Dashlane takes some important steps to secure your data. It never sends your master password over the Internet, and it protects your personal data using advanced encryption known as AES-256 before syncing it with your other devices via its servers. Neither Dashlane nor a hacker (or government agency) breaking into the company's systems could access your data without knowing your master password. This setup prevented Dashlane from even being vulnerable to the recent Heartbleed security catastrophe.
在幕后，Dashlane采取了几项重要措施保证你的数据安全。它永远不会在互联网上发送你的主密码，在通过其服务器将密码与你的其它设备同步之前，它使用一种名为AES-256的高级加密技术来保护你的个人数据。Dashlane和侵入公司系统的黑客（或者政府机构）如果不知道你的主密码，都无法获取你的数据。这种设置甚至让Dashlane避过了最近的Heartbleed安全漏洞一劫。
But if you really want to keep your stuff off the Internet, Dashlane gives you that option, too, though you'll need to sync passwords manually across devices. (The password manager that does the best offline syncing is 1Password.)
但如果你实在希望你的密码不出现在互联网上，Dashlane也会给你那样的选择，不过你需要在设备之间手动同步密码。（离线同步做得最好的密码管理器是1Password。）
OK, what happens if somebody manages to get your master password? That could happen if someone installs a piece of keylogging malware on your computer -- and is a good reminder that you should run antivirus software to keep such attacks at bay.
好了，要是有人设法获取了你的主密码怎么办呢？假如有人在你的电脑上安装了一款键盘记录恶意软件，这种事情很可能发生――这对你也是一个很好的提醒，你应该运行杀毒软件，将那样的攻击拒之门外。
But even if that happened, there's an additional layer of security: Dashlane won't let someone unlock your passwords on a new device without first entering an ever-changing code it sends directly to your phone or email.
不过，即便发生了那种事，另外还有一层安全保护措施：如果不先输入一个直接发送到你手机或电子邮件的随机验证码，Dashlane是不会让人在一台新设备上给密码解锁的。
This important two-step authentication is only available from Dashlane and LastPass, though PasswordBox says it is working on it. A 1Password spokesman says this additional authentication isn't helpful with its design, where there is no central silo of your data. But I think it helps to know if someone is trying to get into your stuff.
这种两步验证身份的重要手段只有Dashlane和LastPass才提供，而PasswordBox说它正在做这项工作。1Password的一名发言人说，这种附加的身份验证对于1Password的设计来说没有多大用处，1Password里没有你的中央数据库。但我认为假如有人试图进入你的地盘时，这种验证可以帮你了解状况。
Still, why should you trust Dashlane, a two-year-old startup with two million customers?
那么，你为何应该信任Dashlane这家有两年历史、两百万客户的初创企业呢？
Because selling security is the only way Dashlane makes money. And if you decide it is not worth $30 a year, Dashlane lets you export your password database in forms that can be read by you or another password manager.
因为Dashlane赚钱的唯一途径是卖安全。如果你认为一年30美元的费用有所不值，Dashlane允许以你或别的密码管理器可以读取的方式输出你的密码数据库。
You could even use the old-fashioned technique, and print out the database on paper. As crazy as that sounds, it's still safer than using the same password over and over again.
你甚至可以用老式的手段把数据库打印在纸上。虽然那听起来有点疯狂，但它还是比一遍又一遍地使用相同的密码更加安全。