Dashlane Users Locked Out After Brute-Force Attacks Trigger Security Lockdown
AI-generated from multiple sources. Verify before acting on this reporting.
SAN FRANCISCO — Multiple users of the Dashlane password manager were locked out of their accounts on June 1, 2026, following a series of automated security responses triggered by suspected brute-force attacks. The lockouts occurred after the system detected login attempts originating from distant geographic locations and unknown devices, prompting protective measures designed to prevent account hijacking.
The incident, which began at approximately 6:25 p.m. UTC, affected a significant number of Dashlane subscribers who found themselves unable to access their stored credentials. Dashlane’s security protocols automatically suspended account access when unusual activity patterns were identified, a standard procedure intended to safeguard user data from unauthorized entry. The company has not specified the exact number of accounts impacted or the geographic distribution of the affected users.
The login attempts that triggered the lockouts appeared to originate from locations inconsistent with the typical usage patterns of the targeted accounts. Security systems flagged these discrepancies as potential indicators of a coordinated attack, leading to the immediate suspension of access. Dashlane’s automated defenses are designed to prioritize the protection of user data over immediate accessibility, requiring users to verify their identity before regaining entry to their accounts.
Users reported receiving notifications regarding the security incident shortly after the lockouts were enacted. The messages instructed affected individuals to follow account recovery procedures, which may include identity verification steps and password resets. Dashlane has not provided a detailed timeline for when all users will regain full access to their accounts, though the company is working to resolve the issue as quickly as possible.
The incident highlights the ongoing challenges faced by password management services in balancing security and usability. Brute-force attacks, which involve repeated login attempts to guess user credentials, remain a persistent threat to digital security infrastructure. Dashlane’s response underscores the importance of automated security measures in detecting and mitigating such threats in real time.
As of this report, Dashlane has not confirmed whether any user data was compromised during the incident. The company is investigating the source and scope of the attack, with a focus on determining whether the login attempts were part of a larger, coordinated effort. Users are advised to monitor their accounts for any unusual activity and to follow the recovery instructions provided by Dashlane.
The situation remains developing, with Dashlane expected to provide further updates as more information becomes available. Affected users are encouraged to contact the company’s support team for assistance with account recovery and to stay informed about the progress of the investigation.