Credential Risk Detection is available to organizations with Credential Protection.
What is Credential Risk Detection?
Credential Risk Detection uncovers credential risk across your organization without compromising employee privacy.
To improve security and reduce risks, admins must detect and respond to credential vulnerabilities early, reducing the chance of unauthorized access to sensitive data.
After Credential Risk Detection is turned on, Dashlane securely and silently monitors for weak and compromised passwords entered in company-managed desktop browsers. This tool monitors passwords entered by all employees, including those who haven't created a Dashlane account and those who have an account but are currently logged out.
What are weak and compromised passwords?
Weak passwords contain a combination of characters easily guessed or cracked, and compromised passwords have been either stolen or exposed to unauthorized third parties in a breach. Both weak and compromised passwords put the associated accounts and data at risk, meaning someone other than the intended user can access them.
More about Password Health
Security alerts and Dark Web Monitoring in Dashlane
Dashlane logs any at-risk passwords in the Activity Log in the Admin Console and displays the insights on the Risk Detection page. You can use this data to detect and prioritize risks to take action on.
You can view the top 10 domains with the highest risk and also see how each credential was entered, whether it was autofilled or manually typed. If you haven’t set up Credential Risk Detection, you can see a preview of the feature on the Risk Detection page.
If you have set up SSO in your organization, we'll also let you know if employees are using weak or compromised passwords to access your organization's online accounts with SSO. This is a severe security risk because compromised credentials can be exploited by bad actors to gain unauthorized access to your organization.
When you identify an employee or group with risky password practices, you can invite them to your Dashlane plan. When active plan members have risky password practices, Dashlane lets them know how to use the Password Generator to create strong, secure passwords and store their credentials safely in an encrypted vault.
Like other data stored in Dashlane, Credential Risk Detection data is protected by our patented zero-knowledge security architecture.
Watch Credential Risk Detection in action
Video: Credential Risk Detection
Set up Credential Risk Detection
With a few steps, admins can deploy the Dashlane browser extension silently on managed browsers to monitor for risk without alerting employees. This gives admins an accurate view of every employee's credential risk.
What is a silent deployment?
A "silent deployment" of the Dashlane browser extension means installing the extension on employees' work browsers without any visible prompts or interaction needed from the employee. Admins must configure the managed device policy before deploying Credential Risk Detection. This ensures Risk Detection's proactive threat monitoring doesn't alert or disrupt the employees.
Admins can set up Credential Risk Detection for Google Chrome and Microsoft Edge using Windows and Microsoft Intune or Group Policy (GPO), or macOS and Jamf.
Common questions
Does Credential Risk Detection also gather historical data?
Dashlane collects data about at-risk plan members and inactive employees only from the moment the Credential Risk Detection policies are deployed. Any weak and compromised passwords entered by employees before the deployment won’t be included in the Insights of the Risk Detection page.
Can I set up Credential Risk Detection using a different MDM tool?
Microsoft Intune, Group Policy (GPO), and Jamf are the MDM tools currently supported. While not supported, you can use our setup guides, and the guidelines in your MDM tool to deploy the Credential Risk Detection policies—massDeploymentTeamKey, silent_install, and Username.
Note: Custom guidelines or technical support aren’t available if you set up Credential Risk Detection with a different MDM tool.
Credential Protection deployment using Windows and Intune
Credential Protection deployment using Windows and GPO
Credential Protection deployment using macOS and Jamf
Do I have to set up Single Sign-On (SSO) to turn on Credential Risk Detection?
You don’t need to have SSO to set up Credential Risk Detection. However, if you have set up SSO in your organization and you turn on Risk Detection, we'll also let you know if employees are using weak or compromised passwords to access your organization's online accounts with SSO. This is a security risk because compromised credentials can be exploited by bad actors to gain unauthorized access to your organization.
How do I know if the Credential Risk Detection policy is correctly applied to Chrome?
You can verify that the policy was correctly deployed in Chrome by going to:
- chrome://policy
You can check there if the policy is applied and ensure the MassDeployTeamKey is correct.
Some employees have already installed the Dashlane browser extension on their devices. Can I turn on Credential Risk Detection?
Yes, as long as you deploy the Credential Protection policies, you can turn on Risk Detection. If your employees don't have the extension installed, you must deploy the extension along with the Credential Protection policy. If the extension has already been deployed or installed, you can skip this step.
Credential Protection deployment using Windows and Intune
Credential Protection deployment using Windows and GPO
Credential Protection deployment using macOS and Jamf
How is the Credential Risk Detection data affected if a work device is shared by multiple employees?
Credential Risk Detection identifies the device associated with in weak or compromised password. If the device is used by different employees, there is no way to identify which employee is entering these passwords.
Can I see insights of at-risk credentials entered by all employees, including those who haven't created a Dashlane account?
Yes, the Risk Detection insights now include all employees. The insights collected before July 2025 include only members of your organization who aren't actively using Dashlane. As of July 2025, Risk Detection insights also include data for all active Dashlane plan members, providing a more comprehensive view of your organization's password security.