As an admin of a Dashlane professional plan, you can review your organization’s security in the Admin Console. You can also see whether the overall password security of your plan members is increasing or decreasing over time.
When logged in to the Dashlane web app, plan members can see their Password Health score containing their safe, weak, reused, and compromised passwords.
Has a member received a security alert about one of their passwords in Dashlane? Check out this article:
My information has been compromised or found on the dark web
Password Health in the Admin Console
At least one plan member other than an admin needs a minimum of five logins in their account. Then you can see the Users and Dashboard tabs in the Admin Console. Scoring data is available starting in May 2020.
Plan members’ Password Health scores are calculated locally on each member's device. Dashlane doesn’t have access to any login information. The individual scores are synced to Dashlane servers and made available to admins in the Admin Console, along with the overall Password Health score.
Security at Dashlane
Read about Dashlane's security and compliance at trust.dashlane.com
Want to further secure your organization? Check out our blog post on how to assess the risk of cyberattacks
You can automatically notify members of your Dashlane plan about cybersecurity risks with Slack Nudges. If a member has one or more compromised, weak, or reused passwords, Dashlane automatically sends a Slack message encouraging them to create more secure, unique passwords.
Learn more about Slack Nudges
You can also monitor weak and compromised passwords across your organization by silently deploying the Dashlane extension on managed devices. Credential Risk Detection identifies if your employees use weak or compromised passwords even when logged out of Dashlane.
Learn more about Credential Risk Detection
Important: Dashlane protects your members' privacy. If your plan has the Spaces feature, the Password Health score is calculated based on the logins in members' Personal and Business Spaces. However, it only reflects logins in members' Business Spaces. As an admin, you can't view any specific information about anything in members' Personal Spaces.
More about managing Personal and Business Spaces
Users tab in the Admin Console
The Users tab displays these items:
- The number of open seats remaining for your plan and the number of total seats your organization has purchased for your plan
- The number of employees who haven’t yet accepted your invite to join Dashlane
- Your Company Password Health Score, which is the average of the individual Password Health scores of all plan members
- The Password Health score syncs hourly to ensure that admins receive timely and consistent information
- A list of active plan members along with their individual Password Health score and information about how many strong, weak, reused, and compromised passwords they have
Dashboard tab in the Admin Console
The Dashboard tab provides a dynamic Password Health Dashboard. Individual Password Health scores are used to calculate the overall, organization-wide score.
The Dashboard updates constantly, giving you the information you need to perform these actions:
- Set best practices and improve your organization’s remote work security
- Encourage your members to improve their Password Health scores
- Track these changes to see which changes work
- Report to leadership on your organization's progress
To check the overall score for a specific day, hover over that date in the graph.
Admin tab in the extension pop-up
The Admin tab in the extension pop-up provides a quick overview of your organization's Password Health score. It also displays your plan members' total passwords, as well as their total number of compromised, reused, and weak passwords.
How is the Password Health score calculated?
The Password Health score is calculated based on all passwords stored in Dashlane and whether they're Compromised, Reused, or Weak. These passwords are compared to the number of Safe passwords.
Manually Excluded logins aren't included in the Password Health score.
Some websites are considered more important than others, such as banking, email, shopping, health, and social media. So, when Dashlane calculates the Password Health score, passwords for those websites are given more weight.
Learn more about Password Health across devices
Dashlane generates Password Health scores using an algorithm that works silently in the background of each person’s Dashlane account. Dashlane is built on the principle of zero knowledge to ensure that only each person has access to their Dashlane vault. Each score is computed on their device. Our server doesn't have access to anyone's login details.
FAQ about security at Dashlane
Read about Dashlane's security and compliance at trust.Dashlane.com
Password categories
Compromised
If a password is impacted by a data breach or found on the dark web using our Dark Web Monitoring tool, it’s compromised. Dashlane sends a security alert in the Dashlane app if the breach occurred after the password was last changed.
Dashlane also checks whether your other accounts use the same or similar passwords as the compromised accounts. If so, those passwords are considered compromised as well.
We strongly encourage you to change any compromised passwords as soon as possible and never use the password again. You can use Dashlane's Password Generator to generate a new and unique password for each compromised account.
Generate or change a password using Dashlane
What do I do if I receive an alert about a password?
Reused
Some people reuse or introduce small variations of the same password for different accounts. Using a password more than once is one of the main reasons people have multiple online accounts broken into at once.
Your Password Health score is lowered if any of your passwords are identical or too similar. The more reused passwords, the lower your score.
Dashlane uses a measure of difference called "Levenshtein distance" with a limit of three to ensure your passwords are meaningfully different. How many edits does it take to turn one password into another by deleting, inserting, or switching a character?
Example: If one password is Password123! and another is password123, only two characters are changed. The Levenshtein distance is two. The passwords are considered similar and reused.
We recommend you use Dashlane's Password Generator to generate a new and unique password for each of your accounts.
Generate or change a password using Dashlane
Weak
Cybercriminals who steal your data aren't trying to figure out your passwords—their computers are. They may gain your passwords by automating brute-force attacks, a hacking method that uses trial and error to determine passwords.
If one of your passwords could be easily worked out by someone else, Dashlane considers it weak.
Dashlane judges the strength of passwords against over 30,000 of the most common passwords, dictionary words, names, keyboard patterns, dates, and more. The open-source method Dashlane uses is called “ZXCVBN."
ZXCVBN is the algorithm behind most password strength meters you see when you create new passwords. The algorithm looks for patterns that cybercriminals might use to guess your password. Your password receives a score from 0 to 4, with 4 being the strongest. If your password gets a score of 2 or lower, it's considered weak and easy for someone to figure out.
Test the strength of passwords
We recommend that you use Dashlane's Password Generator to create the strongest password each website will allow.
Generate or change a password using Dashlane
Safe
A safe password doesn't meet the criteria for being considered weak, reused, compromised, or excluded.
FAQ about Password Health scores in the Admin Console
How do duplicates of logins impact the Password Health score?
If Dashlane detects a password is used for more than one login, the passwords are marked as Reused. Reused passwords negatively impact the Password Health score.
Dashlane recommends using a different, strong password for each account.
Generate or change a password using Dashlane
If you use the same username and password for different services that share the same account, you can link them together.
Manage linked websites and subdomains
Which passwords are excluded from the Password Health score?
Manually excluded logins aren’t included in the Password Health score. Admins can’t prevent plan members from excluding logins. Plan members can see a list of their excluded logins in the Excluded tab of the Password Health section.
Passwords not saved correctly aren’t included in the Password Health score. Sometimes, a password is saved in a Secure Note or the Notes field of a login instead of the Password field. Those passwords aren’t included in the Password Health score.
Why is the Password Health score a plan member sees not the same as the score in the Admin Console?
Some plans have the Spaces feature. If your plan has Spaces, each member can choose to show only data from their Personal Space, only data from the Business Space, or both combined. Their Password Health score reflects this choice.
When is the Password Health score updated in the Admin Console?
The Password Health score syncs hourly to ensure that admins receive timely and consistent information. Changes members make to their passwords will show up when the score is synced hourly. However, when a member calculates their first Password Health score, we send it as soon as the calculation finishes.
If the changes aren't syncing, select My account, Settings, and then Sync now. If that doesn't work, try logging out and then logging back in to Dashlane.
What does “Last Activity” mean?
The Last Activity column shows the last time Dashlane servers logged an active session for a plan member's Dashlane account.
An active session is counted when a plan member logs in, even if the member makes no changes.