Home Admin Help Center

Explore Credential Risk Detection insights

For admins only For all plans

Explore Credential Risk Detection insights

Printer icon
Updated

Credential Risk Detection is available to organizations with Credential Protection.
What is Credential Risk Detection?

Who is included in Risk Detection insights?

Credential Risk Detection logs at-risk passwords for all members of your organization, including those who haven't created a Dashlane account and those who have an account but are currently logged out.

After Credential Risk Detection is turned on, Dashlane logs any at-risk passwords that members of your organization have entered in company-managed desktop browsers.

The data from the Activity Log is displayed on the Risk Detection page in the Admin Console. You can use this data to detect and prioritize which risks you need to address. If you haven’t set up Credential Risk Detection yet, you’ll see sample data on the Risk Detection page.

You can also view detailed data for Risk Detection in the Insights Dashboard tab of the Admin Console.

Learn more about the Insights Dashboard

3_tac_risk_detection_insights.png

What insights are included in Risk Detection?

The Risk Detection insights display the total number of weak and compromised passwords entered on company-managed desktop browsers. These insights cover passwords entered by active Dashlane plan members, as well as by employees who aren't currently logged into Dashlane. You can also see whether these passwords were typed or autofilled.

With the Risk Detection insights you can see the employees and domains most at risk, how many weak and compromised passwords the plan members and inactive employees have, and their last activity.

If you have set up SSO in your organization, we'll also let you know if employees are using weak or compromised passwords to access your organization's online accounts with SSO. This is a severe security risk because compromised credentials can be exploited by bad actors to gain unauthorized access to your organization.

tac_compromised_logins_warning_risk_detection.png

Important: Risk Detection insights collected before July 2025 include only members of your organization who aren't actively using Dashlane. As of July 2025, Risk Detection insights include data for all active Dashlane plan members, providing a more comprehensive view of your organization's password security.

When you identify an employee or group with risky password practices, you can invite them to your Dashlane plan. When active plan members have risky password practices, Dashlane sends them a message on how to use the Password Generator to create strong, secure passwords and store their credentials safely in an encrypted vault.

Over time, you'll see changes in these numbers according to how consistently your plan members start using Dashlane and strengthen their passwords.

To export Risk Detection logs to a CSV file and filter the logs, select Download CSV.

Invite employees to your plan
Generate a password or passphrase using Dashlane

Risk Detection visibility

After setting up Risk Detection, admins of organizations with Credential Protection can see how many of their vault users are visible to Risk Detection in the Users page of the Admin Console.

tac_users_credential_protection_visibility.png

If admins haven't completed deploying the extension or the Credential Protection policies, or if Risk Detection wasn't turned on, you'll see this indication in the same section of the Users page. So the next step is always clear, we'll tell you to Turn on Risk Detection or Review your deployment, for example, among other indications.

Admins can also see if each plan member is identified by Risk Detection, as there will be a Visible or Not Visible badge across all vault users in the Users page of the Admin Console.

View detailed data for Risk Detection using activity logs

Dashlane offers a detailed Activity Log, which admins can search and filter to find plan members and employees with weak or compromised passwords. These logs help you pinpoint the exact device and website using an at-risk password.

To view all risky password activity across employees, go to the Activity Log page and filter the log by selecting Risk Detection as the Category. You can also filter the logs by different activity types and for different periods of time for more granular data.

To export Risk Detection logs to a CSV file and filter the logs, select Download CSV.

Activity logs are encrypted using AWS Nitro technology and don't include the password itself, helping maintain employee data privacy.

More about Credential Risk Detection and privacy

2_activity_log_admin_console_highlighted.png

Activity logs can be accessed Splunk if that integration is in place.

More about Activity Logs
Track team activity for your professional plan with Splunk

Add more employees to Risk Detection

Although Credential Risk Detection is most beneficial when rolled out to your entire organization, you can start with a smaller group (or just yourself) during setup and extend it to more employees anytime.

To add more employees, update the Credential Risk Detection policy.

Add employees on Windows using Intune
Add employees on Windows using Group Policy (GPO)
Add employees on macOS using Jamf

Powered by Zendesk