Dashlane’s Password Health and Dark Web Monitoring tools keep your sensitive data safer than ever.
Creating a secure password is not just something to check off your to-do list, never to revisit. A company’s security needs change over time, just as a password’s strength can weaken the longer a password is in use. Likewise, secure credentials are essential for keeping sensitive data behind a wall, but if those credentials are acquired by hackers, the whole wall might as well be leveled.
With a password manager, IT admins don’t need to spend all day thinking about and updating passwords or searching for places where they may have been leaked—Dashlane’s Password Health and Dark Web Monitoring tools help with the heavy lifting. Here’s how you can utilize these features to improve your company’s passwords, monitor progress, and gain shareable insights. It’s best to think of these tools as a duo: They’re stronger when you use them together.
How does Dashlane’s Password Health feature work?
Dashlane calculates an employee’s Password Health Score after they’ve stored at least five passwords that they haven’t excluded from the calculation. The score is based on three factors:
- Compromised credentials that haven’t been changed since the breach that put them at risk.
- Reused and similar passwords, whether compromised or not.
- Weak passwords, which are determined with an open-source method called zxcvbn.
The calculation gives more weight to critical accounts—those in the categories of business, finance, shopping, health, and social media.
Keeping score for employees
With this tool, users and admins can gain insights about their passwords by tracking their Password Health Score. Reviewing your score:
- Tells you the number and the breakdown of accounts with weak, reused, or compromised passwords.
- Identifies the specific data breaches related to compromised passwords.
- Helps prioritize the most critical accounts that need password changes.
- Makes it easy to replace passwords with a link to the account website.
Pro tips: Five ways to use Dashlane’s Password Health feature
To get the most out of this feature, there are five things you can do:
- Set a goal for individual employee scores and the overall company score. We recommend a score of 90.
- Use Password Health as an internal awareness tool. Educate employees about the risks of compromised, weak, and reused passwords, both to their personal lives and your company’s security.
- Create incentives for high-risk employees—those with low scores and reused personal and business passwords—and reward improvements.
- Encourage employees to watch for the alerts that Dashlane sends whenever a new data breach compromises their accounts.
- Monitor changes in Password Health over time to gauge the success of your security and awareness campaigns, and use this insight as a north star in company-wide presentations or executive briefings.
The Admin Console provides assurance for employees and visibility for admins
To combat poor password practices among employees, Dashlane’s Admin Console shows the Password Health Score and breakdown of each employee. It also shows an overall score for the company and how it has changed over time, all while maintaining employee privacy to build trust.
Through the console, admins can:
- View the current Password Health Score.
- View past scores for any given day, week, and month, as well as all-time scores.
- Benchmark a company security score today, and view trendlines to improve the score in the future.
- See the total number of compromised passwords stored in each employee’s Business Space.
Dark Web Monitoring: How it works, and why it’s a must
Dashlane’s Dark Web Monitoring, available to all individual users on a business plan, is a simple way to alert employees when their information appears on the dark web. Here’s how it works:
- Each employee adds up to five of their email addresses, business or personal.
- Dashlane scans billions of accounts and passwords available in data collections on the dark web and flags any exposed accounts with a prompt to take action.
- Employees can click on a button for the flagged credential, which will take them to the login page of that account to change their password immediately. They can use Dashlane’s Password Generator to create a strong, randomized password.
- Dashlane will continue to scan the dark web and will send an automatic alert if any personal data is discovered.
How often are credentials shared on the dark web?
Researchers recently found more than 15 billion compromised credentials on the dark web from more than 100,000 breaches. And those are just the credentials available for free.
In 2019 alone, more than 7,000 reported breaches exposed 15.2 billion more records, a new all-time high. More than 5,000 of those breaches were the result of hacking. With stolen or brute-forced credentials as the leading cause of breaches, it’s clear that compromised and weak passwords create a vicious cycle.
Monitoring the dark web for data breaches that may have exposed your employees’ passwords allows you to proactively track and secure business accounts. This is especially critical if employees reuse passwords across multiple accounts, apps, and systems.
They belong together: Password Health and Dark Web Monitoring are most effective as a team
As mentioned, the Password Health Scores take a number of things into account. If your credentials are found on the dark web, your Password Health Score is lower. This also applied to passwords determined to be similar enough to compromised ones to still be at risk. Dashlane uses a metric called the Levenshtein distance to determine password similarity: A password is considered similar to another if you’ve deleted, switched, or inserted fewer than three characters. Your or your employee’s Password Health Score will only improve once the employee has addressed these flagged accounts.
Not only does Dashlane encourage strong credentials with the Password Health feature, it also keeps eyes on your credentials should they surface on the dark web. When employees log in and view their dashboard, they take an active role in company security and can measure progress as it improves.
Make the most of Dashlane for your business today. Read our latest e-book, A Practical Guide to Cybersecurity with a Password Manager for Admins.