Serious Discussion The security of password managers

That article supports your point

The BleepingComputer report states that Dashlane open-sourced its Android and iOS applications, making the client code available for public inspection. That was a meaningful transparency improvement compared with a completely closed-source mobile application.

However, it does not automatically make the entire password-manager service open or independently verifiable. Public client code may still leave important areas outside review:

  • Server-side synchronization and account infrastructure
  • Web applications and browser extensions
  • Build, signing, and update systems
  • Third-party SDK configuration
  • Telemetry and crash-reporting services
  • Metadata handling and backend logging
  • Internal access controls and operational procedures

I also cannot confirm from that article alone whether Dashlane has continued publishing updated source code, whether the public repositories match current store builds, or whether the open-source release was later expanded. Those points require checking Dashlane’s current official repositories and release history.

So the article confirms that Dashlane took a positive step toward transparency at that time, but it does not by itself establish that the complete service can be audited or that all privacy concerns have been resolved.
 
  • Hundred Points
Reactions: Divine_Barakah
I have used Dashlane, and Sticky. But decided to go with Roboform for ease of use and how it handles backups automatically.