Dashlane discloses source code of Android and iOS apps

Password manager Dashlane has open sourced the source code of its Android and iOS apps. With this, the company wants to become more transparent about its software. Users will not be able to make any changes to the code themselves for the time being.

dashlane writes that it makes the code available under a Creative Commons Attribution-NonCommercial 4.0 License. The company has the code of the android and iOS apps posted online. For the latter operating system, the code of the macOS variant and the Authenticator totp app has also been put online. With Android, the same code is used for that authenticator as for the app.

Dashlane says the code is only available for viewing for now. No pull requests can be made for new features or security notifications. Dashlane wants to encourage that in the future, but that will require “a new level of internal organization.” Security researchers who find bugs in the code can report them to Dashlane in the normal way, through the responsible disclosure program at HackerOne. It is also not possible to set up an instance of Dashlane yourself.

In the future, Dashlane also plans to make the code for the web extension public. Since a few years, Dashlane can only be used in the browser and no longer via a standalone desktop application. It will take some time before the extension becomes public, the company says, because the extension is now being adapted to the MV3 requirements that Chrome will place on extensions in the future.

Dashlane says it’s making the code available to be more transparent with users and customers. The company also says that in this way it keeps itself sharp to make code better and to keep quality in order. According to Dashlane, the open source of the code involved the removal of many comments and internal content and required internal security audits.