One of our newer features, the Security Alerts, notifies users if any of their online accounts pose a security threat. They’re a feature we launched as part of our objective to build our product around total security for users!
Since October, we’ve enhanced our Security Alerts by partnering with Pwnedlist, a tool that verifies if your accounts have been compromised. With over 29 million entries, Pwnedlist is keeper to “the largest database of stolen credentials” on the web.
Here’s how it works:
- Dashlane checks with the latest updates to the Pwnedlist database to see if any domains are compromised.
- When a match is found, Dashlane pushes a Security Alert, notifying you that one of your accounts may have been compromised.
- Once you receive an alert, visit the Security Dashboard to view any other accounts that share that password.
- Easily update the compromised accounts by using Dashlane’s Strong Password Generator.
For more info on how to update your passwords, check out our tips. Also, here are answers to couple of common questions we’ve received about the Security Alerts. We welcome any other questions or thoughts that you may want to share in the comments!
Since we can’t see any of your data, how do we know when a password is compromised?
It’s simple. We use the domain name. We send a notice to all Dashlane clients that we were notified of a breach on a given domain. Each Dashlane client checks whether or not you have a password on that site, and it shows the Security Alert if you do.
Why didn’t I read about these breaches in tech news?
They may not be headline-worthy, but these breaches are still significant. In December of 2012, we alerted our users of over 80 security breaches, which resulted in about 7000 leaked accounts. None of those breaches made tech news, but knowing about them may have saved some of our users a personal data disaster.