At Authenticate 2025 this week, the world’s leading experts on modern authentication and securing digital identities gathered, to discuss the future of secure authentication and achieving usable security across the account lifecycle. The message was clear: the future of phishing-resistant authentication is using passkeys for encryption, and the gold standard is device-bound passkeys – YubiKeys.
At the conference, in partnership with Dashlane we announced a major step in data protection of credential managers by using passkeys for encryption. Dashlane now integrates FIDO2 YubiKeys for phishing-resistant passwordless login to and encryption of their credential vault. This makes Dashlane one of the very first credential managers to adopt FIDO2 security keys as the primary method for vault access, an advancement made possible by leveraging the WebAuthn PRF (Pseudo-Random Function) extension for a standardized approach on the web.
As a result of our collaboration, Dashlane users can now secure their sensitive data with YubiKeys – offering the strongest passkey protection for authenticating with passkeys, as well as encrypting the vault without the need for a master password.
Goodbye master password – hello hardware-backed trust with YubiKeys
A core advantage of Dashlane (and other password managers) is their ability to generate and store strong, unique, and randomized passwords for each site or app – thereby eliminating the risk of using weak passwords or password re-use. However, the immense value and centralized convenience of this system introduces a significant risk: the master password itself becomes a single point of failure. Crucially, this centralized access also does not eliminate the fundamental vulnerability of passwords to phishing, and the requirement to create and remember one sufficiently complex master password still places a burden on the individual user.
Dashlane resolves this trade-off by enabling YubiKeys as the primary method for vault access and encryption, so that new users can now take advantage of a seamless, phishing-resistant, and entirely passwordless flow that dramatically enhances both security and user privacy.
- Eliminate high-risk password management: The master password is a major attack vector, especially for users who might reuse or write down simpler versions. A YubiKey used for encrypting the vault eradicates this risk.
- A foundation for true Zero Trust: The combination of a strong hardware authenticator (YubiKey) with a passwordless recovery solution provides the strongest foundation for a modern Zero Trust architecture.
- A familiar, seamless user experience: Many are already familiar with password managers. Implementing YubiKey-backed authentication into their existing tools provides a massive security upgrade with minimal change management.
As Dashlane CEO John Bennett stated, “The Dashlane and Yubico integration combines the most advanced security available to protect sensitive credentials while eliminating the friction often caused by password-based logins, drastically raising costs for attackers and making good security hygiene easy for users.”
Building a passkey-based encryption framework for the future
Currently available for new web users using Chromium-based browsers, Dashlane’s new solution is the foundational piece for a comprehensive, phishing-resistant framework that goes beyond authentication for the future of credential management. This partnership marks a critical step in Yubico’s overarching mission to make the internet safer for everyone and enables users to take control of securing their identities across the account lifecycle. Yubico’s commitment to this vision is:
- Driver for Open Standards: Lead the way to promote open, interoperable, and vendor-neutral passwordless security, Yubico invented and contributed to open authentication standards (FIDO2, WebAuthn, OpenID) – forming the basis for modern phishing-resistant authentication, including passkeys.
- Simplifying passkey adoption: YubiKeys offer a seamless, tap-and-go experience that works with Dashlane and hundreds of other apps, devices, and services to make phishing resistant authentication feel effortless.
- The gold standard for passkeys: Yubico advocates for the global adoption of passkeys, including encouraging vendors and security leaders to raise the security bar by expanding more seamless access to use passkeys. Specifically, offering the ability to use device-bound passkeys stored on a hardware security key like the YubiKey which offer the highest authenticator assurance by being non-exportable, purpose-built and removes cloud syncing risks.
Security key-based encryption/decryption using WebAuthn PRF is currently available only on Chromium-based and Firefox browsers. Yubico will actively collaborate on the development of Yubico SDKs that will enable Dashlane to roll out the same FIDO2 security key support to their mobile applications. We believe that in time, the relevant OS APIs will be available to natively provide this seamless security across platforms.
As the threat landscape is becoming more sophisticated with the rise of AI-driven attacks, Yubico and our partners are working to fortify defenses with stronger, easier, and more scalable solutions like this – offering the strongest passkey protection for vault credentials. By partnering with pioneers like Dashlane, we are extending this hardware-backed, phishing-resistant security to protect the most sensitive piece of a digital identity – the credential vault – solidifying the YubiKey as the foundation for a secure, truly passwordless future.
To learn more about the partnership, check out the press release and visit the dedicated listing for Dashlane in our Works with YubiKey catalog to get setup instructions and see how to deploy this new phishing-resistant security.
