Think about all the online accounts you have - from email and social media to online banking and shopping. How do you manage all those passwords? If you're like many people, you use the same password for multiple accounts. Some people write down all their passwords in a notepad or leave them on a sticky note on their workstations. The problem here is that absolutely anyone who might have physical access to your space could easily steal every password. All it takes is a single smartphone camera snap, and every account listed could be compromised.
Others create one or two passwords that are easy for them to remember, then reuse those passwords across dozens of different sites and systems. Many people still use easily guessable passwords like "password123" or "123456." These passwords are a piece of cake for hackers using automated tools to crack them. Most people — around 90 percent by one survey — know that this is dangerous, yet almost 60 percent admit to doing it anyway. (And let’s be real: most of the remaining 40 percent are lying!)
Using the same password across multiple accounts increases your vulnerability. If one account is compromised, all your other accounts become potential targets. If criminals manage to steal your username and password anywhere (through a data breach, a phishing attack, or anything else), then chances are good they now know your password everywhere — including sensitive accounts like your bank and your corporate logins. And when our email addresses are reused as usernames, the problem is even worse!
What is a password manager?
Now that we understand the importance of password security, let's explore what a password manager is and how it can help mitigate these risks. Simply put, a password manager is a secure digital vault that stores and manages all your passwords.
When you set up a password manager, you'll typically start by creating a master password. This is the key to unlocking your password vault, so it's crucial to choose a strong and memorable password.
Once you've set up your master password, you can start adding your accounts to the password manager. This usually involves entering the website or app's name, your username, and your password. The password manager will then store this information securely in your password vault.
When you visit a website or app that requires a login, the password manager will recognize it and offer to autofill your login information. This saves you from manually entering your username and password each time. Some password managers also have browser extensions that automatically detect login forms and offer to fill them for you.
The benefits here are numerous:
- You don’t have to manually insert your data when you’re creating an account. Most password managers come with autofill capabilities. This means when you visit a website or app that requires a login, the password manager can automatically fill in your username and password for you. This streamlines your online experience and eliminates the tedious task of manually typing in your login credentials.
- Secure password sharing: Password managers often include features that allow you to securely share passwords with trusted individuals. This is especially useful for teams or families who need to share access to certain accounts without compromising security.
- The process of logging in gets simpler (no guesswork or password resets). With a password manager, you no longer have to remember multiple passwords. You only need to remember one master password to access all your accounts. This saves you time and eliminates the frustration of forgetting passwords or having to reset them.
- Your business and personal accounts become exponentially more secure. A password manager generates strong, unique passwords for each of your accounts. These passwords are often a combination of letters, numbers, and special characters, making them difficult to crack. Because every account has its own password, the rest remain secure even if one account is compromised.
- Multi-device synchronization: Many password managers offer synchronization across multiple devices. This means you can access your password vault from your computer, smartphone, or tablet seamlessly. Your passwords are always up to date and accessible wherever you are.
Features to look for in a password manager
- Cross-platform compatibility: Ensure that the password manager supports all the devices and platforms you use, such as Windows, macOS, iOS, and Android. This ensures you can access your passwords from any device.
- Two-factor authentication: Two-factor authentication adds an extra layer of security to your password manager. It requires you to provide a second form of verification, such as a fingerprint or a one-time code, in addition to your master password.
- Password generator: A good password manager should have a built-in password generator that can create strong, unique passwords for you. This eliminates the need to come up with complex passwords yourself.
- Secure password sharing: If you need to share passwords with others, look for a password manager that offers secure password-sharing functionality. This ensures that passwords are encrypted during transit and only accessible to authorized individuals.
- Data backup and sync: Choose a password manager that offers regular data backups and synchronization across devices. This ensures that your passwords are always up to date and can be restored if necessary.
Popular password manager options
Now that you understand the features to look for, let's explore some popular password manager options available:
LastPass. One of the biggest names in password managers, LastPass grew in popularity as a freemium consumer product, but its business offerings are impressive. Its business product gives each user their own password vault and gives your organization robust admin oversight, including over 100 policy customization options.
Users can safely share their credentials with others, such as providing a vendor temporary access to an app or location.
LastPass also supports multiple modern authentication technologies, including passwordless (with the LastPass Authenticator), multifactor authentication (MFA), and single sign-on (SSO).
One downside: business pricing is opaque and quote-based — but we can help you with this!
Dashlane. Dashlane offers password management for home, mobile, and business that’s CCPA compliant, GDPR compliant, and AICPA SOC 2 compliant. It’s a bit more streamlined than some others, yet it still provides plenty of power, security, and control.
Dashlane’s Team plan starts at $5 per user per month and provides simple, secure password management, group sharing, policy management, and an admin dashboard. The Team plan also integrates with Active Directory and supports two-factor authentication (2FA).
Businesses that need access to SSO or SCIM provisioning should choose the Business plan, which starts at $8 per user per month. Notably, the Business plan offers every paid user a free family plan — an attractive perk to offer your team.
Keeper. Designed with the needs of small to mid-sized businesses in mind, Keeper is simple and straightforward to implement. It uses a zero-trust and zero-knowledge security architecture, which is the most secure method available. It’s also extremely affordable at $3.75 per user per month. And even at that low price, Keeper Business matches Dashlane’s offer of a free Family Plan for every paid user.
The Keeper Business plan isn’t as robust as LastPass or Dashlane and does omit certain technologies, including SSO, advanced provisioning, and compliance reporting. If you need those and like the Keeper model, the company does offer an enterprise plan with those features.
1Password. 1Password offers a powerful business-oriented product that promises to “secure employees at scale.” That tagline alone tells you that 1Password is angling for the enterprise crowd. Integrations with Azure Active Directory, Google Workspace, Okta, OneLogin, and Slack suggest the same — though no matter your business size, you may benefit from a few of those integrations.
1Password rolls together most of the offerings of other password managers: secure password storage, encrypted password sharing, free family accounts, and the ability to access passwords virtually anywhere on any device.
Unique features here are the ability to access your vault from the command line (nerds rejoice!) and the ability to store more than just passwords: secure notes, SSH keys, and sensitive documents can all reside within users’ 1Password vaults.
Pricing starts at $7.99 per user per month, but every contract is a custom quote. Translation: your real costs will likely be higher.
At publishing time, 1Password’s SSO support was only in beta, which is a bit surprising for a company targeting large businesses. They’re likely to catch up soon, but if SSO is essential for you, they might not be the strongest choice at this time.
So, what are the next steps?
The truth is that implementing a password manager for your own personal use is very straightforward. Implementing one across your entire business is a little more involved and may require IT support.
If the prospect of making this move seems like more than you can take on, we’re happy to help. We can advise you on the right solution for your needs and assist you with the setup and implementation of that solution.
Ready to get started? Reach out to our team today!