Security vulnerability reporting

Dashlane recognizes the importance of security researchers in helping keep our community safe. We encourage the responsible disclosure of security vulnerabilities directly to security@dashlane.com with the subject: "Security vulnerability report" or through our HackerOne bug bounty program.

Disclosure guidelines

Before reporting a security issue, please read our security FAQs.
Please provide thorough details regarding the vulnerability so that we can successfully recreate and address the issue.
Include proof of concept code, screenshots, or screencasts as needed.
Please be aware that depending on the severity of the vulnerability, we will need a reasonable amount of time to respond to and/or fix the reported issue.
Please make a good faith effort not to leak, manipulate, or destroy any user data. Please only test against accounts you own yourself or with the explicit permission of the account holder.
Please refrain from automated/scripted account creation.
If your report includes sensitive information, please use the following GPG key:

-----BEGIN PGP PUBLIC KEY BLOCK-----

mQINBFbB6uEBEACuEMckppyLgGttaWxi1Rbt5lGeaKWMBmiGsHwj66IX9ezQi8MJ
t1yna3xgCUbnOscTHh7Fwf8TPjQGFOEFWhnD+Me6pvNvSyImPiDBLjmchRvprFBa
T05CxiIi1NKG0yTPKw8cEN/mzW9tgbtLWPuyy1dJJJv1trChOrzygXuDkYztWY7n
XSEolOAg38gSOiw7g+fjoAHveGepu80M15YRqIZDdQQqTq1NpOElVEnFc+n/q3UW
9ckTFzb4ewYM12LHifW5Fwsc/H1TAQY7Cvw5LmuJHQFvHQpIlTZ/i2pQLVDQYVBs
+5qn2kpC4yeeQRUOiiEWeTre0vgIyLBKcHoObi15FvmJG/5gGEmTOsMPwRtqkcIK
HGX8uyhAfsVe+dbHrA4YWYRtjIwVl8p5Rn73/AkJ37OSQAp4YdrzcGj7kmBXlbuy
9NbscHwOhdnmmSAR9WPdEL67D8qiecCD0TjL++ReCCRiaYwH4OzknjLrZcCezx/Z
v5OMSxOxdu+sd9GgEmERDI0sIOUOmgUcbSu9yygpl3d0LhLiub+5p/iCvvg5aF0J
AyGO/gln2st/d+VxlgwXi5davMSotn5pK+Jryt65wHgcdAouDMSU5pu6U3OlKbqD
wpi5cFM45XaJJ5N5zjb/9HhltAMIC5b81Lxbco1g0jxHE+E3ZxyfEbqYAwARAQAB
tClEYXNobGFuZSBTZWN1cml0eSA8c2VjdXJpdHlAZGFzaGxhbmUuY29tPokCVAQT
AQoAPgIbAwULCQgHAwUVCgkICwUWAgMBAAIeAQIXgBYhBOEFraW3KqkJbVXfN1dg
K4/OmVGyBQJeXnIYBQkNQYFHAAoJEFdgK4/OmVGynv0P/3aE5zxHcz1FVshKocRf
pXbYb0FxGm67avGGC4y6X/PpYDZF1TSd3Z6ilSheAdrTLGAufkwHYCKR190tH794
7oPXTLPmaHz0PBJDBsTWmsOjM18X0zYguQkTFhrIIN9YjumS9zmox1EJJpZBNJY3
uKqVz6XqDaVK5rv+ZhXeSa9X4JPTUNO6gZ6CrDEQB/BOon3v6aiFM0sBhXN0m6R/
pFjoM/QnGuim0WegNMp5GXKYcWilz19QGcppsSHb057WDwlUA5JWXdoCLA3nVepC
fb/uT+hwWJPWduxR16MwzOEQ0NzQ0vEWCY5c0TSEF6QpbX3m1JZpI6lw2Z2sylfs
lQzKHjfYFGDAJXJJIeQZLUS1ln8jVg55/4AWb1tlXVUhAEZHWTd3H3NezfklpYmS
EVmjk7sNUYmTOgnEX3WR+pqZnBTX6qjvZUuQVxrDKY+VmMyxetw0LtrJa5Ratl/S
Y4l63jZDq/STCQv7xdjV9fHJzr21FXjIj9XxokEzO++DVEq3CNxw8R6+BlaVgKJS
SjWljBhBY8hM4mkJvj9nF1Mxbwg4S/VDkkb9dTTPR8+ODEEewhXL/2DammQKcOjY
f62Ma1Lr1WKhZmylrKi/1DqxpNEkkpdAfkDr0eUSfYfViJuDMjpARFjhAiSPvt1D
P/lyLQ0VgCMtz+SoV8jQnvFRuQINBFbB6uEBEAC7PgHaHrA65urm5wCnc2rFK2Ku
Cv9svAMCdqXFiKoeLiLMCQaJ/ndXbCr7I0jWBtY56KkK8GoM2haOoY+CNhYLVY5D
vW/RdWfI3eKml46jDW4lmW2N/GGURvks/cZuThAR81HHv2QtS72sn5H3ISiQsA5T
nErYghpa5w8JSybWXEemVs7subyVe5KFJSpBp3fIXiQji3wCqOOM92tt5TQeGQqS
c88A9wuKhU2ZYx/UhV2QbNVlOEAS/b/BcQRoGuPry9JtKQlSr+3plUmzbBXfoGrh
eqo+JvgGZEYY9Wsp72zk5z9BRpTYxshiiN01+DlrLfBkiMFErkWfbVOeyOPlvvVg
NyBsZYT1p75CyAXiz5WTdempLuhdyKJK9GJ3R+Ny7OFJyDbC0CK6Ml8PGIqGdKwM
exjGxQYzypvc1CNfvMAdl5GvbHVkFM+kMkf8TUYLDRec6LgjkowUUPqUh7iOOXo3
Bw0YkskgVk5wosovGMarInmdehTld33kdAw7EnUZaaX8pZicETrBjt5PIHTHasH2
c/fNtjFtrIqQ9+2lQPSpcc8h3OBrpL8rhvWEG/XUPCvJ4O34ZJkZtMCJ+IGCqyEL
pU7GafZmcLgVx9Pfa+nSd2O12GOp3l0Df7G7qnmBhhju1kLIDTSSIA8jHfhmbprq
ILJ/F1C9skdqV21miQARAQABiQI8BBgBCgAmAhsMFiEE4QWtpbcqqQltVd83V2Ar
j86ZUbIFAl5ececFCQte/BYACgkQV2Arj86ZUbIJGA/8DPc5SXtw7L9HZBbs6tih
dJA6qvrpgI3BAVwlufPV/fBccLVx4YWraV02eVwwVJJAghR0yN4Krj7aoJLR5DrY
l0sPUYc7UoA3UC4CD4wzHG2of8bd5aiqqXPupzVn5FVqv2hnL+c7XRtIvIAtfgik
0cQbK/CLc0I+griC2AY5jBeBRIO8ONbgfG4nv7yGCW6MY8mWFeS8jWOhR4xVqeRW
uRi/ruDXsYOlh2brnIXWTRjiy08UD+o5UB1kq3D3LmIGi8jZQW/K4h54dBKvAR1p
JG37NoLGM/Lad2ATVr13NT/jBYCD9QJf3ari7++pe07gl6sljbEmig4XsXzFzxK/
sfSnUv5tFvTS9/G8VJJF8EugeUEbqY8fl4FrxHmpSNyrA2oQYTKLuQ9Uwm67C0B2
M3Yoz1yncgWL07Fjy3egCx0HjhHQPMutz1a+6KKfRmrz4JhZV7ZsgFbWb8r1Kee3
ecNw511bCaRiHO+YKuaOqi5Ykz/Jo/urXIrbhH2NnZF1YVaocOT/RR5na9AShGdm
9JcfG+FrlkYFM2EOt8WijHL1hYCw/x9+nHs8ZCHbTKM2PkEcTNtqS4xIg7MYmHp+
Za3c1Ujc3HsYwip1IM1FZWqw4rKCpohtj5TX87f16xJnyccIQewjM+kHDAgPnCe1
HDrWtb3Mh/1SsGZ5NZpdo0k=
=QZ3D
-----END PGP PUBLIC KEY BLOCK-----

Copied to Clipboard

HackerOne bug bounty program reward eligibility

Dashlane may provide rewards to eligible reporters of qualifying vulnerabilities through our HackerOne bug bounty program. Reward amounts may vary depending on the severity of the vulnerability reported.

Dashlane reserves the right to decide if the minimum severity threshold is met and whether the vulnerability was previously recorded.

To qualify for a reward under this program, you should:

Be the first to report a specific vulnerability through our HackerOne bug bounty program.
Send a clear textual description of the report along with steps to reproduce the vulnerability. Include attachments such as screenshots or proof of concept code as necessary.
Disclose the vulnerability report directly and exclusively to us. Public disclosure or disclosure to third parties – including vulnerability brokers – before we address your report will result in forfeiting any potential reward.