On June 9, we organized our very first virtual town hall for business customers. The event featured Dashlane CEO JD Sherman, CPO Derek Snyder, and product manager Anthony Kocken.
During this event, business customers had the opportunity to meet our new CEO, hear about our product roadmap, see autofill demos, and get a sneak preview of upcoming features. There was also a Q&A session at the end during which many questions were asked. We didn’t have time to get to all of them, so we wrote this blog post and answered them here.
We’ve done our best to consolidate the questions and answers around particular themes. Click the + on the righthand side next to each topic to see the related Q&A.
More about the migration & sunset
Many of you asked questions about the switch to the web app, so we’ll do our best to answer them here. You can also read more about why we decided to move to a web-first experience in this blog post.
Should I switch to the web app?
We highly recommend switching to the web app! The web app is more reliable, better performing, and is home to our latest features and improvements. And of course, it’s as secure as using the desktop app.
Our belief—since echoed by many of our individual customers—is that it’s more convenient to have access to passwords right in your browser (where you need them!) instead of ping-ponging between your browser and a desktop app. In case you do need a password for something outside of your browser, we suggest you create a desktop shortcut to the web app so you can access these passwords as easily as with the desktop app.
Plus, offline access is available with the browser extension (when 2FA is disabled), even if you’re not connected to the internet! Same with our mobile apps. More info about offline access here.
When will missing features be added?
We know some features are still missing, like CSV export, managing 2FA to log in to your Dashlane account, or locking Secure Notes, and it can be inconvenient to use two apps to access Dashlane’s full feature set. But we have a line of sight to build these capabilities into the web app in the next few months and are confident it’s a vastly superior experience to anything we’ve offered before.
We’re working with a partner to deliver a new VPN experience. The current VPN experience is behind a white label from Hot Spot shield. Instead of producing a white-labeled VPN inside the product, we plan on creating a bundled offering for a VPN. To use this new VPN, you download a standalone VPN app at no additional charge, and your credentials and instructions to use the VPN will be available in the Dashlane web app.
Account recovery in the web app will be available later this month! Account recovery is not enabled by default due to GDPR and CCPA compliance, so users are required to opt-in. However, we are looking at ways to improve this experience and its visibility to admins.
Receipts & Emergency
You’ll notice Receipts and Emergency are the two features that will be deprecated along with the desktop apps. We are planning to rebuild emergency contact capabilties from scratch in the future.
How can I reduce the number of clicks to open the web app?
Here are a few suggestions to minimize the number of clicks to open the web app:
- You can create a desktop shortcut to the web app so the web app is pinned to your taskbar/dock. It will give you a native app feeling, and your web app will be one click away.
- Chrome and Firefox users can create a shortcut to open the extension. That way, you can use the keyboard to open the extension window and just need to click the Open web app button.
- You can also bookmark the web app and add it to your browser’s bookmarks bar.
When is the desktop app officially going away?
We will not deprecate the desktop app until all key features are available in the web app, and based on our progress, we estimate reaching this milestone in Q4 2021. At that time, users won’t be able to use the desktop app anymore and it won’t sync with other Dashlane apps. Before this sunset moment, we’ll be providing resources to Dashlane admins on migration best practices and additional web app educational materials for employees.
As JD mentioned during the event, the switch to a web-first experience has been a bumpy journey, but we’re confident the experience will be better in the long run. An important lesson we learned is the importance of better communication with customers—something we’ll invest in much more moving forward. Whether it’s through webinars, emails, or in-app messages, we realized you needed more updates from us and additional tech and educational resources for your team.
All about autofill
Are there plans for multiple sites or device identities (URLs or IPs) stored as a single entry?
Yes, we do have plans to let users store multiple sites as a single entry. We’re estimating this to be released this year. Stay tuned!
Can we save flexible password records that don’t require a real URL or anything in the URL field?
Yes. We’ve recently made that change and an URL isn’t needed to save a password in Dashlane anymore. However, we obviously won’t be able to autofill that password given we would not know the URL.
Are you planning to make autofill and password generation improvements on iOS/iPhone?
With both mobile apps, we’re limited to Apple and Google ecosystems and restrictions which limit our capacity to improve certain things. The latest improvements we made allow you to generate new a password right from the autofill menu, save it to your vault, and autofill it without leaving the website you’re visiting. This is a way to bypass Apple’s restrictions. We’re looking into other ways to improve this experience.
If you have specific suggestions, feel free to reach out to your account rep or Customer Support!
Are there plans to add additional fields/notes to the password?
You can already add notes alongside your password, but we won’t autofill them. We’re not planning to add additional “autofillable” fields at the moment, but we’re considering it!
Dashlane sometimes still deploys on screens where it isn’t wanted even after turning off autofill on the web page. Is that the “auto-login loop” problem you talked about?
Yes, it’s related and a fix will be released soon! Note that if you’re referring to the admin feature that allows you to block autofill on a specific list of domains, this feature only works for domains and not subdomains.
So if you wanted to block autofill on company.jira.com, you’d have to block autofill for jira.com.
When adding a new password, it’s not possible to edit the password name and autofill options just before saving. Having to go into Dashlane after it’s saved to simply edit the name and settings is a rough UX flow.
This isn’t something we’re planning to work on at the moment, but Anthony’s team will explore this idea!
Many times Dashlane does not autofill, and it makes it hard to depend on Dashlane. Why is this?
The web is like the wild west, and we can’t control how other companies’ web pages are built. Given there are many types of fields and millions of websites, there are a lot of exceptions and it’s very hard to ensure we can recognize and classify every single field correctly. (Here are more details on troubleshooting/working around some of these inconsistencies, written by Anthony.)
The good news is that our new engine powered by machine learning will dramatically improve your autofill experience because it automatically learns how to accurately recognize form fields based on a dataset we regularly feed. If you encounter any autofill issues, please report them to the Support team so we can train our machine learning model on those websites. We’re also working on manual solutions that would allow you to control what information autofills and where.
Sometimes Dashlane gets “confused” during a password reset flow, and it’s hard to tell if Dashlane is generating and saving a new password for the reset like I need to or just autofilling my old one.
This is an analysis bug and we’ll most likely be able to fix it. If you encounter this happening on a specific site, please reach out to the Support team to tell us where you’ve experienced this bug.
Also, note that if Dashlane ever generates a password but doesn’t save it, you can find it under Show history in the Generator tab of your extension. More info on that here.
Is there any plan to address all the domains where a credential is applicable? For example, login.live.com, office.com, microsoft.com, and microsoftonline.com all use the same SSO ID within the Microsoft ecosystem.
Yes! We have already built a feature called associated websites that will auto-match these known domains—it’s live now. We plan to expand on this feature to provide more customization for businesses and admins.
How about logins that have 3 fields instead of 2? Dashlane is very unreliable on these types of forms today.
Our machine learning engine has made some improvements to this, but it’s not perfect. Fast-following these improvements will be the ability to manually fix the form autofill right in the Dashlane popup and have that preference saved.
Some websites only allow certain symbols. It would be nice to be able to tell Dashlane to only use the following symbols or ignore using other symbols.
We recently updated our special characters to match most websites’ requirements to avoid this frustration and narrowed down our available symbols to the six most used: @&$!#?. This means you can still enjoy a super-secure password while knowing the auto-generated password will meet website requirements.
Security & privacy questions
I’ve heard that you have three trackers in your applications. What are they used for?
We constantly strive to build a best-in-class product experience for everyone, no matter how tech savvy they may be. In order to deliver the best possible experience, we occasionally use third-party tools to augment what our internal teams are building. The decision to integrate third-party tools is not one we take lightly, but in very specific instances, these tools allow us to serve our customers better than we would be able to on our own. These include tracking and fixing bugs and app outages, educating customers on how they might get more value out of the product, and fairly compensating our partners who help us with marketing efforts.
These third-party integrations do not involve any exchange of personal data for money or any other consideration, and because of our patented zero-knowledge architecture, the contents in user vaults are impossible for Dashlane or anyone else to access.
Are you selling any of our employees’ or company’s data?
Absolutely not. You can read about our privacy here.
If you want employees to use complex passwords, why do you limit the length of passwords in your password generator?
A 40-character password would take an estimated 6 quindecillion years to hack. We could certainly add 0s to that, but we feel the additional security is near-zero at that point.
Is there any additional security for Dashlane admin accounts?
Our security architecture applies to all Dashlane users, and we have built it so all users get the same level of security as an admin account. Admins are required to use 2FA to log in to the admin console on a new device separately from logging into the web app.
Onboarding, offboarding & sharing
If an employee is terminated but had ownership of essential passwords, how can admins grab those passwords or redistribute ownership?
Secure employee offboarding is a high priority for us. We are currently working on making provisioning and de-provisioning easier, providing more export options, and rethinking group sharing and permissions. We want companies to be confident their information is in the right hands and need employees to confidently adopt the product knowing they won’t lose access to their personal data just because they are leaving a job.
Are there plans to improve seat management? Onboarding and offboarding with Dashlane has great UX, but emailing support to remove extra seats is suboptimal.
We are spending a lot of time thinking about ways to reduce friction for our customers and building additional back-office tools. However, this specific issue is not currently prioritized.
Are there plans to allow sharing items with groups one is not a member of? Currently, we’re forced to share it individually or ask a group member to reshare it with the group.
As part of working to make life easier for Dashlane admins, we are actively working on improving provisioning, group sharing, and permission settings. Stay tuned!
Can we share multiple passwords at once?
I need to be logged in to different accounts on different instances of Chrome, and logging in to Dashlane on each one is a source of frustration. Is this something that is being addressed?
We’ve heard this feedback and have worked to quickly release a solution! In early June we released a new biometric unlock feature using the WebAuthn open standard, which works for all Chromium browsers. It also works with most hardware keys. You can enable the feature in your security settings. Unfortunately, it’s not available on Firefox yet; we’re waiting on Mozilla to address an issue on their end. In the meantime, you can check Remember my Master Password for 14 days on the login page in the extension window.
Is there a way to prevent home installations of Dashlane from accessing business passwords?
That’s something we’re considering, but we haven’t prioritized it yet.
We currently allow employees to “Sign in with Google” on any site that offers that feature, but Dashlane shows those users have a “reused” password 15 times over. Is our only option to hide them from the Health Score?
This is a bug. It shouldn’t be happening because you would only have one password if the apps use sign-in with Google. We will look into this issue and fix it ASAP!
Will there be native integration with Google SSO?
Yes, we already support Google with SSO. Learn more here.
Specific feature follow-ups
When will log in with biometrics be supported for business accounts?
We have quietly released this in the web app, so check your web app security settings!
When will your web app support offline mode with 2FA?
2FA requires connecting to the internet to complete the 2FA request. We do not anticipate supporting offline 2FA.
Can DUO be used for 2FA on a desktop browser and iPhone with near-field YubiKey?
Two-factor authentication (2FA) is an important tool to protect and secure any account, and Dashlane is no different. We are in the process of building 2FA into the web app (both authenticator apps and hardware keys), and by default, Dashlane requires an additional code whenever a user logs in for the first time on a new device. (This code is sent via email to the address you used to create your Dashlane account).
When will we be able to export Secure Notes?
This is in progress! We’re estimating Export will be available in the web app this Summer.
Can you explain a bit more how Dark Web Monitoring works?
Dark Web Monitoring scans tens of billions of records attached to hacks and breaches and sends you alerts so you can take action to protect your accounts. Dark Web Monitoring does not access personal passwords; it only flags that your email address was found on the dark web as part of a company’s data breach.
Are there any plans to have an admin console for managing multiple customers with one login, like an MSP?
We would love to do this! We can’t say yet when it will be prioritized.
Where can I find information about SSO integration with Azure AD?
Will audit logs and reporting include exporting user lists for the purposes of auditing which users are active/pending, etc.?
Do you have any plans for an enterprise-level RBAC-enabled solution?
Yes, this is currently in our roadmap!
Any chance to have both personal and multiple company accounts?
We are planning a feature called “Multi-Account” which would allow both a personal and a work account to be “glued together” in one UX. The personal space would tie to the personal account, and work to work.
Is there a way to use Password Generator on the web app?
Password Generator is available in the extension and pops up at the time of creating an account on the web. We do plan to add it into the web app as well.
Support & resources
What are your plans for improving customer service?
Providing excellent customer service to help our admins and end-users become successful with their investment in Dashlane is our number one priority. That’s why we have made significant improvements to our Customer Service and Support organization in the last few months.
We created a specialized support segment that solely focuses on getting faster resolutions to our B2B customers, and we’ve seen our customer satisfaction and SLA achievement improve dramatically soon after this change.
We are continuing to grow and upskill our teams so we can remain consistent in providing great support on all channels.
We are also focused on becoming more proactive in problem-solving for our admins and end-users through our investments in self-service options such as easy-to-navigate content (articles, troubleshooting guides, onboarding videos, etc.), AI-powered responses to routine questions, and increased social media coverage.
Will I be able to speak to someone in customer support over the phone?
We chose chat as our live channel instead of the phone because most common requests and issues for Dashlane are easier to solve through a channel like chat that allows sharing of screenshots, links, guides, etc.
However, there are times when it’s useful to conduct a screenshare or a video call to make progress, and in these instances, our team schedules them with you. You can also request a call if you feel one is needed to reach a resolution on an issue, and our team members will schedule a Zoom meeting with you based on your request.
We realize that the video call/screenshare scheduling method isn’t as seamless as we would like it to be, so we will be making investments to improve this experience in the coming months.
Do you currently have any onboarding tutorials our staff can watch?
Yes! Check out our YouTube channel, especially these two videos:
- Getting Started with Dashlane Team for Employees
- Getting Started with Dashlane Business for Employees
Is there a test account available I can use to demonstrate to staff without using my own account?
We don’t have a default test account, but one option would be to create an email like email@example.com and add this email to your plan. Then, create a Dashlane account using this email address.
If you registered for the event, you should have received a link to the recording. If not, reach out to the Support team. We would also love your feedback about the town hall! Tell us what you thought by taking this quick survey.