So I recently started looking for a password manager that we could use within the company to keep track of the dozens (hundreds?) of passwords we use for our client networks. The challenge is to maintain complete security of our clients’ networks and data and yet allow our team to work efficiently without constantly going back and forth amongst each other for password reminders.
The way we’ve worked so far is largely on memory and a simple password scheme that allows our staff to figure out what a password would be. Plus the odd mix of personal password managers, assorted semi-obfuscated documentation & lots of shouting across the office. As we grow a number of things change. The number of staff who need to know passwords (different levels of access – more on this later) increases, the number of different client systems we work with increases and our own security policies have become stricter and now require that passwords not be “guessable”. So – despite the fact that I’m convinced that I have the memory of an elephant I’ve been having a quick look at the world of password managers. I’ve used several over the years, the two most memorable being eWallet and KeepPassSafe. Both reasonably good products but very lacking in terms of access (they’re both just desktop apps that can only work on multiple computers if you copy the database file between them) and sharing – as they’re both desktop apps they just work for the one user.
Originally I was looking for a LAN server-based app that we could use in the office but considering the increasing requirement for us to have access to passwords when we’re out on site, at home, on the road etc it made sense to look for something cloud-based that could potentially have a desktop app and a mobile app.
So a quick Google search yielded a number of popular results, and I ended up looking closer at the following:
So that’s my shortlist for now, I will update this post when I’ve done a proper comparison.
p.s. you may also benefit from reading Diwaker Gupta’s great blog post which talks about his similar mission, differing mostly in that he wants a single user app whereas I must have a multi-user one.