Dashlane

Last updated
Dashlane
Developers Dashlane, Inc.
Initial releaseMay 23, 2012;13 years ago (2012-05-23)
Repository github.com/Dashlane
Written in Kotlin (Android)
Swift (iOS)
Operating system macOS, Windows, iOS, Android
Available in12 languages
Type Password manager, digital wallet
License Proprietary software
Website www.dashlane.com

Dashlane is a subscription-based password manager and digital wallet application available on macOS, Windows, iOS and Android, founded in Paris. [1] Dashlane uses a subscription business model option. [2] [3]

Contents

Overview

Dashlane was founded in Paris on July 6, 2009, releasing their first software on May 23, 2012, that first included a password manager (encrypted using AES-256), [4] which was walled behind a single master password. Over time, more features were introduced to the product such as:

Source code

The source code for the Android and the iOS app is available under the Creative Commons NonCommercial license 4.0. [11] [12]

Reception

In 2017, Stiftung Warentest evaluated nine paid password managers and rated Dashlane Premium as one of four recommended products. [13]

Security Criticism

2024 Leakage via Injection Attacks

A 2024 study by Fábrega et al. demonstrated that many popular password managers are vulnerable to injection attacks. Dashlane was affected due to its handling of application-wide security metrics, allowing an attacker to inject crafted shared entries and observe externally logged data (such as duplicate-password counts) to determine whether their injected values matched passwords stored in a victim’s vault. [14]

2024 Evaluation of Password Checkup Tools

A 2024 study by Hutchinson et al. examined the “password checkup” features of 14 password managers, including Dashlane, using weak, breached, and randomly generated passwords. The authors found that the evaluated products reported weak and compromised passwords inconsistently and sometimes incompletely. No manager successfully flagged all known breached passwords. The study concludes that such inconsistencies may give users a false sense of security. [15]

2025 DOM-based Extension Clickjacking

Security researcher Marek Tóth presented a vulnerability in browser extensions of several password managers (including Dashlane) at DEF CON 33 on August 9, 2025. In their default configurations, these extensions were shown to be exposed to a DOM-based extension clickjacking technique, allowing attackers to exfiltrate user data with just a single click. [16] The affected password manager vendors were notified in April 2025. According to Tóth, Dashlane version 6.2531.1 (August 1, 2025) addressed the issue. [17]

See also

References

  1. "Top 10 Best Password Managers [NEW 2023 Rankings]". Software Testing Help. Retrieved 2022-12-15.
  2. "Compare Dashlane plans". Dashlane Support. Archived from the original on 2025-08-27. Retrieved 2025-08-31.
  3. Dashlane (2025-08-05). "The Dashlane Free Plan Is Ending Soon". Dashlane. Retrieved 2025-08-31.
  4. Popper, Ben (12 May 2012). "Dashlane takes on 1Password and LastPass for the web keychain crown". The Verge. Retrieved 30 January 2020.
  5. Henry, Alan (May 28, 2013). "Dashlane Adds Two-Factor Authentication, a New Interface, and More". Lifehacker. Archived from the original on June 22, 2018. Retrieved June 23, 2018.
  6. Pogue, David (June 5, 2013). "Remember All Those Passwords? No Need". The New York Times. Archived from the original on July 26, 2014. Retrieved July 16, 2014.
  7. Captain, Sean (July 16, 2012). "Dashlane Manages Passwords and Eases Online Shopping". NBC News. Archived from the original on March 4, 2016. Retrieved June 23, 2018.
  8. Zax, David (July 2, 2012). "Dashlane, The Mobile Future, and Mega-Passwords". Fast Company . Archived from the original on June 24, 2018. Retrieved June 23, 2018.
  9. Perez, Sarah (September 11, 2012). "Dashlane's Password Management Service Now Alerts Users When Their Accounts May Be Hacked". TechCrunch. Archived from the original on June 24, 2018. Retrieved June 23, 2018.
  10. Moscaritolo, Angela (27 July 2018). "Dashlane Password Manager Adds VPN, Dark Web Monitoring". PCMag. Retrieved 30 January 2020.
  11. "Android apps". Dashlane. 4 February 2023. Retrieved 4 February 2023.
  12. "Apple apps". Dashlane. 4 February 2023. Retrieved 4 February 2023.
  13. "Stiftung Warentest testet Passwort-Manager: Vier empfehlenswert". DER STANDARD (in Austrian German). Retrieved 2025-11-22.
  14. "Exploiting Leakage in Password Managers via Injection Attacks". arxiv.org. Retrieved 2025-11-22.
  15. Hutchinson, Adryana; Munyendo, Collins W.; Aviv, Adam J; Mayer, Peter (2024-05-11). "An Analysis of Password Managers' Password Checkup Tools". Extended Abstracts of the CHI Conference on Human Factors in Computing Systems. CHI EA '24. New York, NY, USA: Association for Computing Machinery: 1–7. doi:10.1145/3613905.3650741. ISBN   979-8-4007-0331-7.
  16. published, Benedict Collins (2025-08-22). "Multiple top password managers vulnerable to password stealing clickjacking attacks - here's what we know". TechRadar. Retrieved 2025-11-09.
  17. Tóth, Marek (2025-08-09). "DOM-based Extension Clickjacking: Your Password Manager Data at Risk". marektoth.com. Retrieved 2025-11-09.
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.