Password manager vendor releases new credential security and support service features, along with a new low-cost option for small businesses. Credit: Matejmo / Getty Images Password manager vendor Dashlane has announced updates to its suite of enterprise offerings. These include a new Dark Web Insights tool that provides a breakdown of compromised passwords, a standalone authenticator app for enabling account multi-factor authentication (MFA), and a low-cost starter plan for small businesses. The firm has also introduced new live phone support service whereby users can request and book a call directly with Dashlane’s support team.Breached employee credentials on dark web pose significant threat to businessesIn a press release, Dashlane stated that its new Dark Web Insights tool “continuously scans” more than 20 billion records attached to hacks or data breaches on the dark web, providing users with a bespoke breakdown of compromised passwords across their organization. Dark Web Insights also provides admins the ability to scan their organization for incidences of breached credentials and invite non-Dashlane using, breached employees to begin using Dashlane through built-in seat provisioning. The firm said that, by pairing this alert function with the ability to generate new, random, and unique passwords, admins can take action quickly once alerted about compromised credentials.Heather Hankins, security specialist at the National Educational Telecommunications Association, said that it is useful for security teams to know if and when employees have suffered a credential breach. “That way, when you help them deal with [a breach], you’re also training them, and giving them valuable security advice to help prevent this in the future.” A recent report from Searchlight Security detailed a case study of how employees’ credentials can be exposed on the dark web and how dark web monitoring can help protect organizations by pre-empting attacks. According to Executives Under Threat 2022, the vendor performed a dark web search of data attributes belonging to specific employees of a large US healthcare organization. Despite finding no evidence that the organization had suffered an attack, its search detected several data points linked to an individual employee, including business and personal email addresses, contact numbers, their spouse’s vehicle registration as well as their children’s phone numbers and their home address. By uncovering this information, the organization’s security team was able to implement a more proactive security posture and address the potential threat of a targeted attack on the executive or their family, which could impact the business itself. Dashlane Authenticator app launched amid rise of MFA fatigue attacksIn addition to dark web monitoring, Dashlane has announced a standalone authenticator app to provide a simple way to enable MFA for any compatible accounts. Available on iOS and Android devices, Dashlane Authenticator has been designed as a counterpart to the Dashlane Password Manager app, making 2FA token autofill seamless for vault items and allowing for secure sharing of both passwords and 2FA codes, the firm stated.While MFA is often touted as a vital security feature, recent high-profile breaches suggest it is certainly not a security panacea, with attackers finding ways around it. Attacks on Uber and Twilio have highlighted a rise in MFA Fatigue campaigns, whereby cybercriminals spam an employee whose credentials have been compromised with MFA authorization requests until they become annoyed and approve the request, grating the attacker access. It’s a simple yet effective technique that relies on a user’s lack of training and understanding of the attack vector. Furthermore, smaller businesses and entrepreneurs can now opt for Dashlane’s new Starter option, a low cost plan for teams of up to 10 individuals priced at $20 per month, while the firm’s new live phone support service is now available to Business, Team, and Starter plan users alike, it stated. Live chat support is available in English, French and German, Dashlane added. Related content news Singing River ransomware attack now thought to have affected over 895,000 The health care provider has dramatically increased its estimate of the number of patients affected by the August 2023 attack. By Shweta Sharma May 15, 2024 4 mins Data Breach Ransomware brandpost Sponsored by Sans Institute Clock is ticking for companies to prepare for EU NIS2 Directive Many companies are still not ready for the impact of NIS2, but SANS can help them prepare. By Laura McEwan May 15, 2024 3 mins Security feature Backlogs at National Vulnerability Database prompt action from NIST and CISA A crisis at the key US service for ranking vulnerabilities has been fueled by short resources and an explosion of security flaws as the volume of software production increases. By John Mello Jr. May 15, 2024 10 mins Threat and Vulnerability Management Security Practices Vulnerabilities news FBI warns Black Basta ransomware impacted over 500 organizations worldwide CISA advisory includes indicators of compromise and TTPs that can be used for threat hunting. By Lucian Constantin May 14, 2024 6 mins Ransomware Phishing Healthcare Industry PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe