In today’s hybrid work environment, employees are more spread out than ever. They’re logging in remotely—often using a mix of company-owned and personal devices—and they’re outside the legacy safety of an office with the protection of firewalls and physical security. With this new convenience and flexibility comes additional risks as the attack surface for compromised credentials grows larger.
Given these cybersecurity challenges, Dashlane is proud to announce we're the first password manager to use secure enclaves and confidential computing to protect the privacy and security of our customer data.
With Dashlane’s new Confidential SSO solution, Dashlane Business customers can log in to Dashlane with their existing company SSO credentials. They have one less password to remember, and admins have one less service to manage—while still benefiting from the same zero-knowledge architecture.
Dashlane’s new Confidential SSO feature
Dashlane is using the power of secure enclaves and confidential computing to empower a simpler and more secure SSO integration, providing organizations with safe encryption. This innovative technology is powered by our patent-pending use of AWS Nitro Secure Enclaves to fully isolate the encryption keys, which enables organizations to be confident that cloud data is private and protected. Unauthorized parties, including Dashlane, can’t see or access vault keys—they’re uniquely generated per user at the time of SSO setup.
As cyber threats grow more advanced, Dashlane continually evolves to protect against them. We’re proud to be paving the way for the future of logins—our use of secure enclaves and confidential computing marks a paradigm shift in how we will implement security and power our applications moving forward.
Take part in our Confidential SSO public beta today to see the simplicity and security of Dashlane Confidential SSO for yourself.
With Dashlane Confidential SSO, you’ll get:
Enterprise-level security for your organization
You don’t have to sacrifice security for the sake of convenience. Dashlane treats every bit of information with complete confidentiality in an isolated environment, which significantly reduces the attack surface and minimizes the risk of unauthorized access. Our patent-pending technology provides isolation for data processing and code from the operating system. This guarantees that even users with physical or root access to the machines can’t access or tamper with the code stored inside the secure enclave.
Secure enclaves create an environment in which authentication data is securely processed and users maintain control over their credentials. Thus, only authorized users can access the stored data.
Seamless integration
Dashlane Confidential SSO uses a product-agnostic architecture that supports all SAML 2.0-based Identity Providers (such as Azure AD, Google, Okta, and JumpCloud). IT admins find that Dashlane’s SSO fits seamlessly into their workflow, and since there’s no signup required for employees, it’s easier to drive adoption across the organization.
Simple and secure employee access
Employees don't need to remember another password. Instead, they log in the same way as any other SSO app: With their secure SSO credentials.
Transparency & trust
Dashlane plans to publish the enclave’s code, so users and security experts can verify and validate the code and our claims.
How Dashlane Confidential SSO works
When users log in with Dashlane Confidential SSO, they trust their IDP with their authentication credentials, which are transferred through a secure enclave. The enclave will only deliver secrets when presented with the correct credentials from the user. Secrets are transmitted through a secured tunnel, and the data processed inside the enclave remains confidential—even Dashlane cannot access it.
With Dashlane Confidential SSO, organizations of all sizes experience enterprise-level security, IT admins get seamless integration, and employees can log in to Dashlane using their company credentials. It’s a win-win-win!
