• United States



UK Editor

Dashlane launches new Dark Web Insights tool, MFA authenticator app, small biz Starter plan

Oct 06, 20224 mins
AuthenticationMulti-factor AuthenticationPassword Managers

Password manager vendor releases new credential security and support service features, along with a new low-cost option for small businesses.

Conceptual image of password entry amid binary code.
Credit: Matejmo / Getty Images

Password manager vendor Dashlane has announced updates to its suite of enterprise offerings. These include a new Dark Web Insights tool that provides a breakdown of compromised passwords, a standalone authenticator app for enabling account multi-factor authentication (MFA), and a low-cost starter plan for small businesses. The firm has also introduced new live phone support service whereby users can request and book a call directly with Dashlane’s support team.

Breached employee credentials on dark web pose significant threat to businesses

In a press release, Dashlane stated that its new Dark Web Insights tool “continuously scans” more than 20 billion records attached to hacks or data breaches on the dark web, providing users with a bespoke breakdown of compromised passwords across their organization. Dark Web Insights also provides admins the ability to scan their organization for incidences of breached credentials and invite non-Dashlane using, breached employees to begin using Dashlane through built-in seat provisioning. The firm said that, by pairing this alert function with the ability to generate new, random, and unique passwords, admins can take action quickly once alerted about compromised credentials.

Heather Hankins, security specialist at the National Educational Telecommunications Association, said that it is useful for security teams to know if and when employees have suffered a credential breach. “That way, when you help them deal with [a breach], you’re also training them, and giving them valuable security advice to help prevent this in the future.”

A recent report from Searchlight Security detailed a case study of how employees’ credentials can be exposed on the dark web and how dark web monitoring can help protect organizations by pre-empting attacks. According to Executives Under Threat 2022, the vendor performed a dark web search of data attributes belonging to specific employees of a large US healthcare organization. Despite finding no evidence that the organization had suffered an attack, its search detected several data points linked to an individual employee, including business and personal email addresses, contact numbers, their spouse’s vehicle registration as well as their children’s phone numbers and their home address. By uncovering this information, the organization’s security team was able to implement a more proactive security posture and address the potential threat of a targeted attack on the executive or their family, which could impact the business itself.

Dashlane Authenticator app launched amid rise of MFA fatigue attacks

In addition to dark web monitoring, Dashlane has announced a standalone authenticator app to provide a simple way to enable MFA for any compatible accounts. Available on iOS and Android devices, Dashlane Authenticator has been designed as a counterpart to the Dashlane Password Manager app, making 2FA token autofill seamless for vault items and allowing for secure sharing of both passwords and 2FA codes, the firm stated.

While MFA is often touted as a vital security feature, recent high-profile breaches suggest it is certainly not a security panacea, with attackers finding ways around it. Attacks on Uber and Twilio have highlighted a rise in MFA Fatigue campaigns, whereby cybercriminals spam an employee whose credentials have been compromised with MFA authorization requests until they become annoyed and approve the request, grating the attacker access. It’s a simple yet effective technique that relies on a user’s lack of training and understanding of the attack vector.

Furthermore, smaller businesses and entrepreneurs can now opt for Dashlane’s new Starter option, a low cost plan for teams of up to 10 individuals priced at $20 per month, while the firm’s new live phone support service is now available to Business, Team, and Starter plan users alike, it stated. Live chat support is available in English, French and German, Dashlane added.

UK Editor

Michael Hill is the UK editor of CSO Online. He has spent the past 8 years covering various aspects of the cybersecurity industry, with particular interest in the ever-evolving role of the human-related elements of information security. A keen storyteller with a passion for the publishing process, he enjoys working creatively to produce media that has the biggest possible impact on the audience.

More from this author