Credential Risk Detection is available to organizations on a Dashlane Business Plus plan. Admins of Dashlane Business plans can trial the feature until March 17, 2025.
Upgrade to Dashlane Business Plus
Credential Risk Detection uncovers credential risk across your organization without compromising employee privacy.
What is Credential Risk Detection?
Our zero-knowledge architecture ensures that no one, not even Dashlane, can access anyone's credential data. We used these same principles when building Credential Risk Detection to ensure the security of your employees's data.
This is how Credential Risk Detection protects your privacy:
- Password inputs are security checked locally on each employee's browser
- Audit logs are protected with encryption using AWS Nitro technology
- Log entries include only the domain and the employee work device profile username, not the password itself
How does Dashlane identify weak and compromised passwords?
Dashlane uses an algorithm to detect weak and compromised passwords. As with credentials in the vault, neither Dashlane nor the Dashlane admin can access the passwords that Credential Risk Detection monitors or detects.
Credential Risk Detection doesn't track all employee browser activity or save sensitive data like the usernames or passwords employees enter on a website. The tool provides only the most relevant information to admins:
- Who entered the at-risk password, identifying them using their employee work device profile username, which can differ from their email address
- The website domain where the employee entered the password
- The password's risk classification, indicating whether it's weak or compromised
More about Dashlane security and privacy
Read Dashlane's Credential Risk Detection privacy statement
Read Dashlane's Security Principles & Architecture white paper
Learn more about Security at Dashlane