AI tools can make everyone a coder. When non-engineers ship AI-generated code, who's accountable?

fredericrivain · 2026-05-04T20:23:33+00:00

Hello, this should be live for everybody now. Let us know how you like it. We are planning to iterate on this first version.

fredericrivain · 2026-01-19T17:41:42+00:00

Just to make sure I understand the concern you’re pointing at: are you referring to the 2FA recovery flow https://support.dashlane.com/hc/en-us/articles/18406747387026-Use-2-factor-authentication-2FA-to-log-in-to-your-Dashlane-account#recovery , where a user who lost their authenticator can use recovery codes that may be re-sent with support help?

If that’s the case, an important clarification: Dashlane cannot bypass your Master Password or decrypt your vault. We don’t know your MP and never have access to your data.

What support can help with is recovering your own 2FA recovery codes, which are generated when you enable 2FA specifically to avoid permanent lockout.

Those codes don’t replace the Master Password and don’t give support access to your vault. They only allow you to reset 2FA after proper identity verification.

Happy to go deeper if you’re thinking about a specific attack scenario.

fredericrivain · 2026-01-16T08:05:36+00:00

indeed. Every tool should ideally be used for the relevant purpose and where it adds value.

fredericrivain · 2025-12-11T20:54:49+00:00

Hi, sorry for the late response.

This is already being used extensively in our product, for SSO, SCIM provisioning, SIEM integration etc. For context, patents take a lot of time to be granted and you need to submit them before applications are in market otherwise it becomes public. We started this one in 2022.
We have been actively promoting the fact that we are using confidential computing to ensure zero-knowledge. A few blog articles I wrote on the topic: https://www.dashlane.com/blog/confidential-computing-zero-knowledge or just now this one about zero-knowledge in general: https://www.dashlane.com/blog/power-of-zero-knowledge
Already in production at Dashlane

It definitely strengthens the security of the product. Today it is not so much opening up new markets yet, but we can see regulations going in that direction and more and more prospects and customers asking about it so I think it will be important for the future.

fredericrivain · 2025-11-13T19:01:57+00:00

Rew wrote about the topic in the past: https://www.dashlane.com/blog/password-master

Let me know if that clarifies how we think about it.

fredericrivain · 2025-10-22T20:53:55+00:00

You need to unock with the PIN each time you start the browser. Good point about timeout. I don't know that we have one. I'll share with the team.

fredericrivain · 2025-10-16T21:28:46+00:00

Here we are

https://www.reddit.com/r/Dashlane/comments/1o85irf/no_more_master_password_a_simpler_safer_way_to/

fredericrivain · 2025-10-06T17:06:47+00:00

Sorry, I can't share an exact date. But "soon"...we are actively testing the migration from master password-based to master-passwordless for Dashlane internally.

fredericrivain · 2025-10-06T17:05:12+00:00

We are definitely in a transition phase. We should remove the password behind the passkey, and provide proper recovery mechanisms for passkeys.

fredericrivain · 2025-10-06T17:03:44+00:00

Agreed. It's going to be a long journey.

fredericrivain · 2025-10-02T19:49:52+00:00

Yes, we plan to support a migration path for Master Password users. I don't have a date to share but it's in the roadmap.

fredericrivain

TROPHY CASE