Credential Risk Detection is available to organizations on a Dashlane Business Plus plan. Admins of Dashlane Business plans can trial the feature until March 17, 2025.
Upgrade to Dashlane Business Plus
Estimated time to complete: 20 minutes
Admins can use the master data management (MDM) tool Microsoft Intune to set up Credential Risk Detection for company-managed Google Chrome and Microsoft Edge desktop browsers on Windows.
Note: You can't use Jamf on Windows or Intune on macOS.
More about Credential Risk Detection
What is Microsoft Intune?
Looking to set up Risk detection on macOS using Jamf?
Although Credential Risk Detection is most beneficial when rolled out to your entire organization, you can start with a smaller group (or just yourself) during setup and extend it to more employees anytime. To add more employees, update the groups included in your Credential Risk Detection policy.
Process overview
Prerequisites
Make sure you have the appropriate access needed to set up Credential Risk Detection:
- Admin access to a Dashlane Business Plus account
- Admin access to Microsoft Intune on Windows
- Permission to deploy policies to devices using Intune
Set up Credential Risk Detection on Windows using Intune
Setting up Risk Detection involves four main steps:
- Configure the Risk Detection policy
- Confirm the policy was applied correctly
- Deploy the Dashlane Extension
- Turn on Risk Detection
If you prefer, watch the Windows + Intune step-by-step video
Review insights and take action
After Credential Risk Detection is turned on, any at-risk passwords entered by employees in company-managed desktop browsers will be logged in the Activity Log and displayed on the Insights tab on the Risk Detection page.
When you identify an employee with risky password practices, you can invite them to your Dashlane plan. With Dashlane, they can use the Password Generator to create strong, secure passwords and store their credentials safely in an encrypted vault.
More about Risk Detection insights
1: Configure the Risk Detection policy
Don't skip this step, even if you've already deployed the Dashlane extension.
What if the extension has already been deployed?
You must deploy the Credential Risk Detection policies before you deploy the Dashlane extension. This order ensures the extension installs silently. If you don't deploy the policies to your targeted machines, your employees will be asked to log in to Dashlane on every login screen. If you deploy the extension before the policies, employees might create a personal account before the policies are applied.
What is a silent deployment?
A "silent deployment" of the Dashlane browser extension means installing the extension on employees' company-managed desktop browsers without any visible prompts or interaction needed from the employee. Admins must configure the managed device policy before they deploy Credential Risk Detection to avoid inadvertently notifying employees about Dashlane.
Note: If you're deploying to both Chrome and Edge, you must complete these steps for both browsers.
In the Dashlane Admin Console, start the setup:
- Open the Dashlane Admin Console
- From the menu, select Risk Detection. On the Risk Detection page, select Start setup.
- Select the Intune tab and the browsers you're deploying to. Ensure your selection is accurate before downloading the script so your file is created correctly.
- In the Windows guidelines section, select Download. Your device automatically downloads a (Powershell) script file so you can apply the Credential Risk Detection policy to your deployment software. After the file downloads, go to Intune.
In Intune, add the new policy:
- Open Intune and select the following in order:
- Devices
- Scripts and Remediations
- Platform scripts
- Add
- Windows 10 or later
- Enter a name for the police. For example, Dashlane Credential Risk Detection.
- Select Next. You're prompted to select the file you downloaded.
- Select No for the remaining three options on the screen, then select Next.
- On the next page, select Add Groups. Then, select the boxes next to the names of the groups you want to deploy to and the policy and configurations needed for the feature to work. Ensure you include all the employees you want to protect, even if they don't have a Dashlane seat.
Although Credential Risk Detection is most beneficial when rolled out to your entire organization, you can start with a smaller group (or just yourself) by restricting the policy. You can extend Risk Detection to more of your employees at anytime.
- Select the Select button and then select Next.
- Review and validate the configuration, then select Add. A message confirms the policy was created.
After performing these steps, the deployment might take up to eight hours, but it's usually faster.
2: Confirm the policy was applied correctly
To ensure Risk Detection's proactive threat monitoring doesn't alert or disrupt employees, you must wait for the policy to take effect in your MDM before deploying the Dashlane extension to enrolled devices and activating the feature.
Check the policy was applied:
- Using a device that was part of the group the script was deployed to, go to Registry Editor and select the following folders for Chrome and Edge:
HKEY_LOCAL_MACHINE > Software > Policies > Google > Chrome > 3rdparty > extensions
HKEY_LOCAL_MACHINE > Software > Policies > Microsoft > Edge > 3rdparty > extensions
- You'll see a folder named using the Dashlane Extension ID. Under that folder, the policy folder contains the actual values of the Risk Detection policy.
In the Dashlane Admin Console, confirm the policy was applied:
- On the Risk Detection page, go to step 2 and select the confirmation checkbox.
- Select Continue.
3: Deploy the Dashlane Extension
You can skip this step if you've previously deployed the extension.
You must deploy the Credential Risk Detection policies before you deploy the Dashlane extension. This order ensures the extension installs silently. If you don't deploy the policies to your targeted machines, your employees will be asked to log in to Dashlane on every login screen. If you deploy the extension before the policies, employees might create a personal account before the policies are applied.
Return to step 1 to deploy the policy
What if the extension has already been deployed?
To deploy the Dashlane extension, you must add a new device configuration to Intune using the Configure the list of force-installed apps and extensions template using the browser value in the Dashlane Admin Console. If you can't find this template, ensure you've imported Chrome ADMX.
Import Chrome ADMX
If you're deploying to both Chrome and Edge, repeat these steps for each browser.
In the Dashlane Admin Console, copy the browser value:
- On the Risk Detection page, go to step 3 and select Copy value.
In Intune, add a new device configuration:
- Select Devices, Configurations, and then Create and New policy. Use these settings to define the policy:
- Platform: Windows 10 and later
- Profile type: Templates
-
Template name: Administrative templates
- Select Create, enter a name for the Profile (for example, "Deploy Dashlane Extension"), then select Next.
- Locate the folders for Google or Edge:
Google > Google Chrome
Microsoft > Edge - In the search bar, type "force" and select Configure list of force-installed apps and extensions.
- In the Extension/app IDs and update URLs to be silently installed field, select Enabled, paste the value you copied from the Dashlane Admin Console, and select OK.
- Confirm the Enabled status and select Next.
- On the next screen, set the Scope tags to Default and select Next.
- Select Add Groups and select the boxes next to the names of the groups to which you want to deploy the extension.
- Select the Select button and then Next.
- Review the information and select Create.
The policy is now active. If a plan member hasn't enrolled with Intune, they'll be prompted to do so when they sign in on a managed device. After they enroll, Intune automatically installs the Dashlane web extension in their browser.
In the Dashlane Admin Console:
- On the Risk Detection page, go back to step 3 and select Continue.
4: Turn on Risk Detection
Activate Risk Detection to get insights on risky password behavior across company devices. The associated activity logs detail the employee and the website accessed but don't include the password itself.
In the Dashlane Admin Console:
- On the Risk Detection page, go to step 4 and select Turn on.
After Credential Risk Detection is turned on, any at-risk passwords entered by employees in company-managed desktop browsers will be logged in the Activity Log and displayed on the Insights tab on the Risk Detection page.
When you identify an employee with risky password practices, you can invite them to your Dashlane plan. With Dashlane, they can use the Password Generator to create strong, secure passwords and store their credentials safely in an encrypted vault.
More about Risk Detection insights
Watch the Windows + Intune setup video
You can watch a step-by-step video of the Windows + Intune setup. Turn on the sound to hear the voiceover.
If you have any issues turning on this feature, please contact our Support team.
Contact an agent through the Admin Console
Chat with our bot
Common questions
The Dashlane extension has already been deployed to all members. How can I turn on Credential Risk Detection?
If the extension has already been deployed and you want to turn on Credential Risk Detection for existing employees, you can skip steps 2 and 3 in the setup guide. You can turn on the feature after deploying the Credential Risk Detection policy.
What is Microsoft Intune?
Microsoft Intune is a cloud-based endpoint management solution. It manages user access to organizational resources and simplifies app and device management across devices, including mobile devices, desktop computers, and virtual endpoints.