Every day it seems a new website or service experiences a security breach. Sometimes it's a big name and you hear about it, and maybe you even remember to change the password. But many times you aren't informed or you don't get around to changing your password.
In response to these breaches, Dashlane sends its users security alerts. Whenever one of your accounts in Dashlane experiences a breach, you're informed. You receive a pop-up in Dashlane, and a notification in the Password Health section of the web app (called the Identity Dashboard in the desktop app). If you're a Premium user, you also benefit from Dark Web Monitoring, where we scan the dark web for leaked personal data associated with up to five email addresses, and sends you alerts when any is found.
Simply by having your accounts in Dashlane, and setting up Dark Web Monitoring if you're Premium, we can alert you to the problem and tell you what to do to solve it.
Contents
How do security alerts work?
Typically, a breach is discovered well after it actually occurred. When we alert you to a breach, the breach itself could have occurred even months before.
We consider your password compromised if you did not change it nor create the account since the date of the breach.
Importantly, in addition to the compromised accounts themselves, Dashlane determines if any of your other accounts use the same or similar passwords, and considers these passwords compromised as well.
You will receive an alert for all of these accounts as a popup when you open Dashlane.
You'll also see corresponding alerts in your Password Health. The alerts remain in your Password Health until you either change the affected passwords or else exclude them from the analysis.
Hover over the compromised password in the list to see the details of the breach and take action, otherwise click the small "wrong way" sign to exclude the password from the analysis.
What are Dark Web Alerts?
If you are a Premium user, you are able to receive alerts from the Dark Web Monitoring feature.
You're able to monitor up to five email addresses at a time. Dark Web Monitoring scans data from the dark web for personal information attached to those five email addresses. This matters, because if your data is available on the dark web, it may be bought or used by hackers and spammers.
If Dark Web Monitoring finds any of your information, a personalized alert is sent to you detailing what was found, and inviting you to change the passwords for the affected accounts.
An alert is first a pop-up message within Dashlane, but you can also always go to the Dark Web Monitoring section of the web app to see your ongoing alerts. You may click View details to see the details of the alert, or else click the X to dismiss the alert.
For more information about this feature, read How to set up and use Dark Web Monitoring, or the Frequently Asked Questions about Dark Web Monitoring.
The different kinds of Dark Web Alerts, and what to do when I get one
There are two kinds of alerts you may receive:
- Alerts for accounts you have in Dashlane
- Alerts for accounts you don't have in Dashlane
1. Alerts for accounts you have in Dashlane
If Dark Web Monitoring finds a password that matches one of your accounts in Dashlane, we consider that account compromised. When this happens, we notify you and invite you to change those passwords, as well as any passwords similar-enough to the ones we found.
2. Alerts for accounts you don't have in Dashlane
Dark Web Monitoring may also turn up passwords you haven't stored in Dashlane, and for which we can't determine the corresponding account. In this case, Dashlane will inform you of the passwords it found, in the hope that you can identify and secure the accounts to which they belong. Naturally, we invite you to use Dashlane for those accounts, and to make and remember a strong, unique password for each one.
On desktop
Alerts for accounts in Dashlane
In the pop-up, click the eye icon in the password field to view the affected password. A message recommends that you change the password, which can be done by going to the Passwords section or using the search bar. You can also change your password on the corresponding website as you normally would, making sure to allow Dashlane to update your password in the app.
The alert will still show in the Dark Web Monitoring section if you click Done or the x at the top right of the popup. Clicking the X next to the View details button of the alert will dismiss the alert entirely.
Alerts for passwords not in Dashlane
If you receive an alert for passwords you don't have stored in Dashlane, those passwords are initially hidden from view. To show the passwords, click on the eye icon. When you're done with the alert, you can delete it by clicking the X next to the View details button.
On mobile
Alerts for accounts in Dashlane
In the pop-up, tap Take action to change your passwords. Tap Dismiss to close the pop-up. You will still see the alert in your Identity Dashboard or in the Notification Center.
If you're looking at your alert in the Notification center you can swipe to dismiss an alert or tap on it to view the full details.
After you've pulled up the alert from the Notification Center or the Identity Dashboard you can tap on it to change your impacted passwords. Tap on Close in it in the down-right-hand corner of the alert to dismiss the alert entirely.
Once you've tapped either Take action or just tapped on the alert, you will be taken to your Password Health page, where you will see your compromised accounts.
Tap on the three-dot menu to the right of the compromised account, and select Go to website.
Once on the website, change your password as you normally would, making sure to allow Dashlane to update your password in the app.
Alerts for passwords not in Dashlane
If you receive an alert for passwords you don't have stored in Dashlane, those passwords are initially hidden from view. Tap Dismiss to close the pop-up. You will still see the alert in your Identity Dashboard and from the Notification Center. Tap View details to go to the alert in the Identity Dashboard. From the Notification Center, you can swipe across the alert to dismiss it or tap to view it.
In your Identity Dashboard, to show the passwords, tap the View button. If you tap Close this will dismiss the alert entirely, so please note the passwords we found before doing so.