IT Pro Verdict
Pros
- +
Polished client & management interfaces
- +
Free personal accounts for users
Cons
- -
Limited operating system support
Headquartered in the US, Dashlane is a well-established password management service with a polished interface, a wide range of cross-platform web extensions, and a desktop app for Windows.
The company has two enterprise-oriented offerings, Team and Business, and the main difference between them is that the more expensive Business tier supports SAML-based SSO, which can be easily integrated with Active Directory, Shibboleth, and other single-sign-on systems.
This review will begin with Dashlane Team, designed to provide scalable, coordinated password management to small and medium enterprises who don’t need to link staff access to password libraries with an SSO system.
Dashlane review: User features
The user interface is just like the personal version of Dashlane. Every user in your business gets a Premium personal account if you subscribe to Dashlane Team, or a six-user Family account if you use Dashlane Business.
If the user has an existing Dashlane account, this can be added by invitation: they’ll be added to your business account and their subscription will be covered by your Dashlane Team fees. They’ll have two separate password Spaces for personal and business passwords, helping to encourage good password management habits, helping to avoid staff using their work account for personal data and generally keeping everything a little more secure.
Note that users cannot be a member of multiple Dashlane business plans via the same email address. While this is unlikely to be a problem for staff, who should be using their company email address anyway, it may throw up issues involving freelance and contract colleagues in edge cases.
Users can access Dashlane via a web app and a browser extension for Chrome, Firefox, Edge, and Safari, which will also work on most browsers derived from those. There are dedicated clients for macOS, Windows, iOS, and Android. However, there’s no such client for Linux, for Android distributions that don’t include Google Play, or for other minority operating systems or use cases, such as command line automation.
While web passwords can be auto-filled if your Dashlane admin has allowed it, the desktop clients don’t have a KeePass-style autofill feature, so you’ll have to cut and paste passwords required for desktop applications.
Annoyingly, if you manually add a password entry, you aren’t offered the password generation tool when you add the password. Dashlane also insists that you add a website, although this actually can be any series of words, rather than the suggested URL. However, all of this makes Dashlane feel disproportionately web-focused.
At least Dashlane’s web extensions do a nice job of automatically detecting and offering to save passwords and personal details, storing payments and secure notes, generating strong passwords, and allowing users to import existing passwords through a compliant CSV file.
Dashlane’s mobile apps were recently found to include a number of trackers , most of which are used for crash reporting.
Beyond that, the company informs IT Pro that “Adjust is used for paid marketing attribution (primarily to fairly compensate partners who help Dashlane with marketing)”, while Braze is used for customer communication. Dashlane says that “these third-party integrations do not involve any exchange of personal data for money or any other consideration”.
Dashlane review: Management features
At the heart of managing Dashlane Team is the console, which provides more of a guided introduction to its features than many of its rivals. When you log in for the first time, you’re invited to add your colleagues, either by pasting in their email addresses or by dropping in a TXT or CSV file listing them. You can re-open this at any point by clicking the ‘Add users’ button on the console’s Users tab, which shows your active, revoked and pending users.
IT Pro 20/20: Does cyber security's public image need a makeover?
Issue 18 of IT Pro 20/20 looks at recent efforts to retire the 'hacker' stereotype, and how the threat landscape has changed over the past 20 years
Revoked accounts are not deleted by default: they transfer into their user’s hands. If you want to remove access to shared company passwords when a user leaves, you have to enable this feature, which requires you to designate at least one company domain. They get to keep their non-corporate passwords, but anything associated with your business email domain is removed when the user is revoked from your Dashlane Team.
To help you learn your way around, a helpful list of actionable items is pegged to the bottom of the console until you clear them. These prompt you to install the Dashlane extension for your browser, add extra admin users, and enable account recovery so you and your admin team can help users if they lose their master password.
For monitoring purposes, a dashboard shows you the number of user seats currently active, as well as the status of invitations and users’ passwords, including strength analysis and an alert of any compromised passwords: those for sites known to have been breached, and which have not been changed since the breach.
Groups, predictably enough, allows you to put users into groups for easy corporate password sharing. When adding users, you have to type in – or at least, start typing – each email address, even if they’re already in your Dashlane Team.
If you have outside contractors associated with your Dashlane account, you should add them to an appropriate group, which will make it easier to revoke their passwords by removing them from the group once they’ve finished their contract.
An Activity Log tab tracks everything that’s happened in your admin portal, and makes it easy to spot any potential security issues. Finally, the Settings screens let you enable account recovery and business domains, mentioned earlier, and enforce security policies such as log-out times and enforced two-factor authentication. You can also disable the default auto-login and autofill for specific websites, disable password sharing, and more. For Dashlane Business users, these screens also include configuration of SAML provisioning, SSO, and Active Directory integration.
This is also where you can enable the Dashlane VPN. This is a standard consumer VPN service, a white label version of Hotspot Shield, which is also available to personal Dashlane subscribers. Although not to be confused with a secure VPN connection to your office network, it can provide a modicum of security against ISP or local network level snooping on your users’ traffic.
It’s available for Dashlane Teams users running Windows, macOS, Android, or iOS. Dashlane Business only provides it for mobile platforms, and other operating systems aren’t covered by either subscription, with no OpenVPN profiles available for manual configuration, either.
Dashlane review: Verdict
Dashlane Teams costs $5 per user, per month, billed annually, while Dashlane Business, which adds single sign-on support, costs $8 per user, per month. This is very much par for the course when it comes to password manager pricing, and cheaper than some, but 1Password, LastPass and Bitwarden all have comparable subscriptions for less, particularly versus the Business tier.
We’re fans of Dashlane’s polished interface and management controls, and its zero-knowledge, authenticated-device based security architecture is highly credible. The whole package makes it one of the best password managers for businesses on the market, and one of the best password managers for every other type of user.
Your team won’t be disappointed by the user experience here, but Bitwarden is cheaper and supports a wider range of operating systems.
K.G. is a journalist, technical writer, developer and software preservationist. Alongside the accumulated experience of over 20 years spent working with Linux and other free/libre/open source software, their areas of special interest include IT security, anti-malware and antivirus, VPNs, identity and password management, SaaS infrastructure and its alternatives.
You can get in touch with K.G. via email at reviews@kgorphanides.com.