Top of Article
Contact us

Migrate your existing plan members to SSO

Articles in this section

See more

Migrate your existing plan members to SSO Expand Sections

SSO is only available to organizations on a Dashlane Business plan.
Upgrade to Dashlane Business

Important: With the Dashlane Safari extension, SSO isn’t available at this time due to Apple limitations. You can use self-hosted or Confidential SSO on a different browser like Chrome, Firefox, or Edge.

This article explains the plan member experience for migrating your organization from using Master Passwords to your Identity Provider's SSO. If you want to learn how to configure SSO to migrate your members, start with SSO overview and deployment.

Once you enable single sign-on for your organization, the members of your team will be able to use your organization's identity provider to sign in to Dashlane instead of their Master Password. However, because each member's data is encrypted using their Master Password, a one-time migration will be required for all members of your organization. This migration will decrypt the data using their Master Password and re-encrypt it using their SSO login. After the migration, the Master Password will no longer be used and your members will no longer need to remember their old Master Password.

This article outlines the important considerations before enabling SSO for your organization and how it will impact your organization. 

Re-registering all devices

As part of the migration, all member devices will be deregistered. If the member uses multiple devices, they'll be signed out of all devices. Once the member signs in again, they'll receive an email notification that a new device was added even if they've signed in to Dashlane on that device before. Because the identity provider handles two-factor authentication (2FA), the member won't be prompted for a 2FA code when registering the new device. A 2FA challenge from the SSO identity provider may still occur if you have configured 2FA as part of SSO.

No access to any data after being removed from the team

If you remove a plan member who is using SSO to sign in, that member will no longer be able to access Dashlane, including the data stored in their Personal Space. However, if you need to give that member access again, you can add them back into your business plan within 30 days of revoking them. No member data is deleted within 30 days, including the data in the Business Space. 

Previously removed members not impacted

If you have plan members that you removed before enabling SSO for your organization, these members won't be disrupted and will continue to be able to sign in to Dashlane using their email and Master Password. They won't be forced to migrate to SSO either. 

Member migration from Master Password to single sign-on

Important: With the Dashlane Safari extension, SSO isn’t available at this time due to Apple limitations. You can use self-hosted or Confidential SSO on a different browser like Chrome, Firefox, or Edge.

Once you activate SSO for your organization, all members (not admins) in your organization will be forced to re-encrypt their data so they can sign in to Dashlane using SSO instead of their Master Password at their next login. Admins in your organization won't be impacted and will continue to use their Master Password to sign in.

Once you activate SSO, your members will go through the following migration:

  1. The next time the plan member successfully signs into their browser extension using their Master Password, they will see the following image. (If they attempt to sign into the web application in the browser, they will be directly taken to the next step).

  2. Once the member selects Log in with SSO, the member will see the following screen:

  3. Once the member selects Log in with SSO, the member will be redirected to their identity provider to sign in.
  4. Upon a successful sign-in, the member will be redirected to Dashlane and automatically have their data re-encrypted. Once the re-encryption is complete, the member will be redirected to the Dashlane web app.

    Note: If the member doesn't have the extension installed, they will have to type in the Master Password once more before the re-encryption happens.

The migration is complete. The member will no longer need their Master Password. Future logins will look like the following:

If the plan member wants to automatically log in with SSO on future logins, they can select the Automatically log in with SSO checkbox in the Log in with SSO pop-up. If they choose this option, we recommend that they set their browser to restore tabs on restart.

Learn how to set a browser to restore tabs on restart

Note: The same experience is available on the iOS and Android applications. The migration will be done only once per member and will happen on the device that the member signs into first after SSO has been activated for the organization.

Was this article helpful?
10 out of 13 found this helpful
Thank you! Your feedback helps us improve this article for everyone.

In this Article

Articles in this section

Related articles

Can't find what you're looking for?

Contact us
Powered by Zendesk