Real-time coaching with KnowBe4: Getting started guide – Dashlane

The KnowBe4 integration is available to organizations with Password Management or Credential Protection.

With our KnowBe4 integration, you can track how your team members use Dashlane and provide real-time coaching. When you turn on the KnowBe4 integration for your team, we send select activity logs automatically to KnowBe4.

KnowBe4 integration: Getting started guide

Prerequisites

Admin access to Password Management or Credential Protection
Admin access to KnowBe4
The email addresses of employees are the same in KnowBe4 and Dashlane

1. The Strategy: Moving to Just-in-time coaching

For most lean IT and Security teams, managing the human element of risk is a manual, uphill battle. This integration closes the loop between Dashlane’s real-time identity monitoring and KnowBe4’s training automation.

Instead of manually exporting logs or chasing users who resist security best practices, this connection allows you to automate a teachable moment.

How it works:

Real-time detection: Dashlane identifies a user who uses a weak or compromised credential or dismisses a phishing alert.
Smart Group sync: Dashlane automatically adds that user to a dedicated Smart Group in your KnowBe4 console.
Targeted remediation: KnowBe4 triggers a specific training campaign based on that group membership, providing gravity to the risk event when it matters.

2. The Plan: Mapping events to actions

Dashlane reports 11 core behavioral events. Success requires choosing which "Security Plays" to automate based on your organization's risk profile.

Play 1: Using compromised credentials

The Trigger: The user typed a compromised password.

The Risk: A user is actively using a known compromised password to log in to websites or apps.

In the Dashlane Admin Console, go to Activity Log and filter for past Risk Detection events, which will include user logins with compromised or weak passwords

The KnowBe4 play: Enrollment in a 5-minute Cyber Hygiene: Password Management module.

Learn more about Credential Risk Detection

Play 2: AI Phishing Alerts

The Trigger: The user entered a credential in a website that was detected as possible phishing.

The Risk: A user ignored a Dashlane AI phishing alert and entered a password on a website or app that our AI Phishing Detection model has identified as risky.

The KnowBe4 play: Real-time enrollment in a 5-minute Identifying phishing red flags training module.

Learn more about AI Phishing Alerts

Play 3: Vault phishing alerts

The Trigger: The user dismissed a vault phishing alert.

The Risk: A user ignored a Dashlane alert and entered a password on a website or app that isn’t associated with that login in their Dashlane account.

The KnowBe4 play: Enrollment in a 5-minute Cybersecurity Essentials - Social Engineering module.

Learn more about Vault phishing alerts

These are just three plays to get started. We encourage you to be creative and come up with your own Dashlane detection and KnowBe4 remediation feedback loops.

Please share your ideas with integration-feedback@dashlane.com.

3. Deployment: The technical handshake

Setting up the connection takes less than five minutes through the Dashlane Admin Console.

You can set up the integration in a few easy steps:

Log in to your KnowBe4 account.
Go to Account Settings, then select Account Integrations, API and finally, User Event API Key.
Generate a User Event API Key in your KnowBe4 console.
Make sure to copy the token and paste it in a secure place, as it will not be displayed again.
Open the Admin Console in Dashlane. Select Integrations and then Events Reporting.
Select Set up on the KnowBe4 section.
Select the Region URL, paste the KnowBe4 User Event API Key, and select Save.
Activate the KnowBe4 integration.
The Last Sync status will remain “Pending” until the first Dashlane event is sent to KnowBe4.
In the KnowBe4 account, go to Users and select the User Timeline tab. From there, search for a user to see the Dashlane events stream to their timeline.

Note: Consider automating your user provisioning by setting up Confidential SSO and SCIM.

Use Dashlane Confidential SSO and SCIM Provisioning to integrate with your IdP

Important: If you're part of an organization with Credential Protection, activity logs generated for users who are logged out may not match the email address of your KnowBe4 user. We currently use the browser device username for logged-out users' logs. This will be updated soon, with the relevant credentials’ email address assigned to the log.

Use activity logs to track team activity

For more information on User Event API in KnowBe4, check out KnowBe4’s documentation.

Learn more about KnowBe4's User Event API

If you have any issues with this process, please contact our Support team through the Admin Console.

Contact Support through the Admin Console

4. Automation: Activating smart groups and creating training campaigns

This is where your planning becomes reality.

In KnowBe4, go to Users and select Groups, then Create New Group.
Make sure to check the box Make this a Smart Group so that users can be added or removed based on specific criteria.
Select the Smart Group Criteria list, and select the relevant Event Type from the list. Dashlane events are prefixed with “dashlane_”.
Specific Criteria: Match the Dashlane event (for example: user_dismissed_vault_phishing_alert) to the group.
Use the Description field to further filter Dashlane events (for example, distinguishing “weak” vs. “compromised”). Customize the event Count trigger and Time Frame (for example, add a user to this group if they exhibit this risky behavior twice in the last 3 months). Select Save.
Select Save again on the Group page. Users who meet the criteria should appear in the list below soon.

For more information about Smart Groups, check out KnowBe4’s documentation.

Smart Groups Quickstart Guide
Go to the Training section, select Create Training Campaign. From the Content drop-down, choose the relevant training from the ModStore. Customize the start and end dates or duration as usual.
To automatically enroll users in this training campaign, under Enroll Users, select Specific Users, then select the Smart Group created in the previous steps.
Make sure you also check the checkbox Enable automatic enrollment for new users so the training assignment is 100% automated and sent in real time after the event trigger.
Select Add Notification to customize the message users will receive to alert them of their new training assignment. Make sure to tune the other optional configuration fields as relevant for your organization. Then finish by selecting Create Campaign.
Note: It may take up to 10 minutes for the campaign to start after it is created.

For more information about Training Campaigns, check out KnowBe4’s documentation.

Training Campaigns Guide

5. Success metrics: Proving the program's value

Use these metrics to report progress to leadership after 3 months of the integration being live:

Metric	Target
Password Health Score	+20% Organization-wide
Compromised password count	-20% Total Count
Time to remediate	-20% average days to reset
Exposure to phishing	Decrease in dismissed AI Phishing Alerts

FAQs

What kind of risk events will Dashlane send to KnowBe4?

Dashlane will send activity logs related to real in-browser phishing alerts, usage of weak or compromised passwords, and Credential Risk Alerts.

Admins of organizations using only Password Management will receive a limited set of these activity logs.

Log entry	Description	Omnix platform
Vault phishing alerts	A plan member has received a phishing alert A plan member has entered a password after getting a phishing alert A plan member has entered a password on a risky site	Password Management or Credential Protection
Credential Risk Detection	An employee logs in to a website with a compromised password using Dashlane An employee logs in to a website with a weak password using Dashlane An employee logs in to a website with a compromised password while not logged in to Dashlane An employee logs in to a website with a weak password while not logged in to Dashlane An employee logs in to a website with a compromised password while not having a Dashlane account An employee logs in to a website with a weak password while not having a Dashlane account	Credential Protection
AI Phishing Alerts	An employee dismissed an AI phishing alert An employee accepted an AI phishing alert An employee entered a password on a site they received an alert about	Credential Protection
Credential Risk Alerts	An employee received an in-browser risk alert prompting them to change an at-risk password An employee changed an at-risk password following an in-browser risk alert	Credential Protection

Will I see historical events?

Your KnowBe4 integration won't log any previous events. Only new events will be tracked after the setup.

How can I verify that the connection is working?

Both the Dashlane Admin Console and the KnowBe4 Console will display your connection status with error message information.

However, if you want to take it a step further, you can trigger a risk event by doing one of the following. Please make sure you are doing so safely:

Weak password: Look for a known weak password in your Dashlane Password Health dashboard and use it to log in to that site to trigger a user_typed_weak_password event.
AI Phishing Alert: Navigate to this simulated phishing website: https://docusign-login.replit.app/ - Typing into the form field will trigger a user_entered_credential_phishing_website_ai event.
Vault phishing alert: Go into your Dashlane extension, look for any website’s password, copy the password, and paste it into the form field of this simulated phishing website: https://docusign-login.replit.app/. This will trigger a user_dismissed_vault_phishing_alert event.

How can I send feedback?

We're eager to hear your feedback. Please don't hesitate to contact your Customer Success Manager, if you have one, or email us directly at integration-feedback@dashlane.com.