Dashlane makes source code of Android and iOS apps public

Password manager Dashlane has made the source code of its Android and iOS apps available open source. The company wants to become more transparent about its software. Users cannot make any changes to the code themselves for the time being.

Dashlane writes that it makes the code available under a Creative Commons Attribution-NonCommercial 4.0 license. The company has the code of the Android and iOS apps posted online. For the latter operating system, the code of the macOS variant and the Authenticator-totp app have also been put online. On Android, the same code is used for the authenticator as for the app.

Dashlane says the code is only available for viewing for now. Pull requests cannot be made for new features or security notifications. Dashlane wants to encourage this in the future, but this will require ‘a new level of internal organization’. Security researchers who find bugs in the code can report them to Dashlane in the normal way, via the responsible disclosure program at HackerOne. It is also not possible to set up an instance of Dashlane yourself.

In the future, Dashlane also plans to make the code for the web extension public. For a few years now, Dashlane can only be used in the browser and no longer via a standalone desktop application. It will take some time before the extension becomes public, the company says, because the extension is now being adapted to the MV3 requirements that Chrome will impose on extensions in the future.

Dashlane says it is making the code available to be more transparent with users and customers. The company also says that in this way it keeps itself sharp to improve code and maintain quality. According to Dashlane, many comments and internal content were removed in order to open source the code and internal security audits had to be carried out.