Breaking News

8 enterprise password managers and the companies that will love them

Image: Getty Images/iStockphoto

 

Contents

If you’re reading this, there’s a good chance you’ve heard your business needs a password manager, or you’ve found out the hard way that you need one.

Regardless of how you’ve come to realize that good business password management is essential, you’ve probably then found yourself faced with another problem: How do you pick the right password management software for your particular business?

SEE: Password breach: Why pop culture and passwords don’t mix (free PDF) (TechRepublic)

When it comes to managing passwords, the choices are many, but the differences are relatively few. After all, there’s only so many ways to design an application with the same core concept, which in this case is keeping passwords securely locked behind a single sign-on account.

That said, there are small features that are no less essential for their size and scope that can be the deciding factor for some businesses. Those are what we’ll tease apart by comparing these eight leading enterprise password managers.

What makes for a good enterprise password manager?

Chances are good at the very least you’ve heard of password managers. You may even use a personal one (and good on you, if so), but choosing a personal password manager versus choosing one for an entire organization can be a bit trickier.

Many people even choose to forego a password manager in favor of Android and iOS’ built-in password keychains, but that’s not an option in professional situations where password security is paramount.

The bottom line is that there’s no avoiding the necessity of some form of password management for modern businesses. That doesn’t mean that every enterprise password manager is suited to every enterprise, but there are a number of things any business password management tool worth its bits should be able to do.

A good enterprise password manager must:

  • Let users securely distribute login credentials for shared accounts
  • Be able to generate random, secure passwords
  • Offer multiple authentication factors
  • Be able to be centrally managed by IT
  • Have cross-device functionality and apps
  • Use properly secure encryption
  • Be as frictionless for users as possible

Don’t underestimate the importance of that last point: If a new solution adds friction to an employee’s daily flow they’re less likely to use it. In some instances that’s not the end of the world, but when it comes to password security you don’t want to spend a lot of money on something that people won’t use, or will use grudgingly.

That said, assume that the enterprise password manager “musts” listed above are standard features of the eight options covered here. Which of the eight is the best choice for your organization will come down to how they differ.

One interesting feature shared by several of the following products is free family accounts for all of an organization’s employees. This is offered by half of the eight products reviewed here, and highlights an interesting difference in philosophy between the two groups of companies that 1Password put best: “When people practice secure password habits at home, they’ll be more secure at work.”

It’s worth considering that, by extending enterprise password managers into your employees homes, you’re eliminating several micro-ingress points that a determined attacker could exploit. Information about family members is great as phishing bait and for other cybercrimes. That’s ultimately a win for companies.

A note on identity and access management

You may be wondering why there’s no mention of identity and access management (IAM) tools in this article, and there is a reason: Password managers and identity and access management are related, but different in scope and scale.

Password management is often a component of identity management, whereas identity management as a whole is a different paradigm of account security that uses additional methods of verifying identity than just a password or a second factor.

SEE: Google Chrome: Security and UI tips you need to know (TechRepublic Premium)

Businesses who are considering password management as part of a wider digital transformation effort may want to think beyond passwords toward where password management fits into a wider identity management system. You can learn more about IAM platforms here.

The best enterprise password managers

LastPass

Image: LastPass/GoTo

Desktop apps: Windows/macOS/Linux

Browser extension: Chrome/Firefox/Safari/Edge/Opera/IE

Mobile apps: iOS/Android (all downloads available here)

Tiers: LastPass Teams/LastPass Business

Price: $4 per user per month/$6 per user per month (both plans are billed annually)

Popular consumer password management app LastPass has two different business pricing tiers, the first being called Teams, which is limited to 50 seats, and Business, which costs an extra couple of dollars per seat but adds lots of features and scraps the user cap.

Both tiers offer the same basic features, including dark web monitoring and basic reporting capabilities, but if you want the best features offered by LastPass you have to not only purchase the more expensive tier, you also have to pay an additional fee per seat.

What LastPass calls “advanced SSO” is an additional feature that, for an additional $2 per seat per month, removes the three single sign-on app integration cap that the business plan comes with (it’s not available at all at the Teams level).

The second optional add-on for Business tier users is “Advanced MFA,” which LastPass describes as “extending passwordless authentication to all endpoints” through a combination of biometric authentication and contextual policies. This add-on tacks $3 per user per month onto each seat.

LastPass is also one of the four providers that offer free family plans, but only at the Business tier. If you want both of those add-ons, LastPass Business has a bundle option that adds Advanced SSO and the MFA bundle for just an additional $3 a month, bringing the total per user per month to $9.

Who is LastPass for?

Even at $9 a month, the full-featured Business tier isn’t that expensive, but if you are a small business looking to get basic password management tools for your users, the $4 Teams tier may be the best bet. Keep in mind LastPass Teams is minimally featured compared to the Business tier, but by locking what should be basic safety features behind an additional paywall, LastPass may inadvertently have made their software better for SMBs and small teams who only want the basics.

It’s also worth noting that LastPass is owned by GoTo, which produces remote access and work tools like LogMeIn and GoToMeeting. If you’re looking for new tools in that space, packaging them with LastPass may help save some money.

 

1Password

Image: 1Password

Desktop apps: Windows/macOS/Linux

Browser extension: Chrome/Firefox/Safari/Edge/Brave

Mobile apps: iOS/Android (all downloads available here)

Tiers: Teams/Business/Enterprise

Price: $19.95 for up to 10 users/$7.99 per user per month/Contact sales (billed annually)

I’ve used 1Password on macOS and iOS, and speaking from an end-user perspective it’s reliable and minimally obtrusive, making it just about as good as a password manager can get.

Like some of the others in this list, 1Password offers free family plans to its Business tier subscribers, but it also has a lot of other features that make it a solid choice. At the Business tier, all the basic features that you’d expect are present, as well as the ability to create custom roles and groups; AD, Okta and OneLogin provisioning; 5GB of document storage per user; granular controls for each vault and more.

As far as the Teams tier goes, 1Password didn’t skimp on that front, either: It’s a flat $19.95 for up to 10 users, and all the basic features are there. Enterprises that are large enough to warrant a dedicated account manager, onboarding engineer and site-specific training will need to contact 1Password directly to get a quote.

Who is 1Password for? 

Like the other consumer-focused products in this list, 1Password is designed to be easy for anyone to use. It has plenty of integrations with IAM tools, and Business-tier features like usage reports, simple GUI policy creation and other admin features make it a good choice for both enterprise-level companies and SMBs looking to pay a small, flat rate with some room to grow.

Keeper

Image: Keeper Security

Desktop apps: Windows/macOS

Browser extension: Chrome/Firefox/Safari/Edge/Opera/IE

Mobile apps: iOS/Android

Tiers: Keeper Business/Keeper Enterprise

Price: $3.75 per user per month (billed annually)/Contact sales

While Keeper has customer-facing apps, it’s definitely an enterprise-first product. Its basic Business tier has standard features you’d expect in a business-level password management tool, plus shared folders, unlimited devices for users, a policy engine, auditing and reporting features and the like.

If you want more than 100 users, or additional enterprise features that make Keeper a better fit for big organizations, you’ll need to call about pricing, but it might be worth it given what Keeper Enterprise comes with.

Enterprise users get the standard Business features, plus automated team management, advanced 2FA capabilities, AD and LDAP syncing, SCIM, email, command line and Azure AD provisioning, developer APIs and more.

Additional a la carte paid features (which don’t come cheap) are also available for Keeper, encrypted secure messaging, dark web protection, advanced reporting, a secrets manager for securing source code and secure file sharing are all available.

Who is Keeper for? 

Keeper has a lot of features that make it an ideal choice for the big enterprise that can afford to spend money on integrations and customizations. It’s Business tier plan is also good for small organizations, but Keeper’s best offerings await those with deep pockets.

Dashlane

Image: Dashlane

Desktop apps: Windows/macOS/Linux

Browser extension: Chrome/Firefox/Safari/Edge/Opera/IE

Mobile apps: iOS/Android (all downloads available here)

Tiers: Dashlane Team/Dashlane Business

Price: $5 per user per month/$8 per user per month (billed annually)

Dashlane is another consumer password management app that has a robust tier for organizations that is split into two levels: Dashlane Team and Dashlane Business. Like other offerings, Dashlane has all the basics you’d expect from a business password manager, along with a few unique features.

At the Team tier, all users get free personal premium Dashlane accounts, enabling them to store personal passwords in a separate secure vault, as well as a free VPN for use on public Wi-Fi networks. The Business tier adds free family accounts, as well as SAML-based single sign-on integrations.

Who is Dashlane for?

With its baked-in public Wi-Fi VPN, Dashlane is ideal for businesses with a lot of employees in the field. Technicians who travel from site to site and leaders on business trips are just two types of people who can benefit from that type of additional protection. Even small organizations who don’t want to spring for the advanced Business tier features can benefit from the built-in VPN, which is available at both tiers.

Sticky Password

Image: Lamantine Software

Desktop apps: Windows/macOS/Linux

Browser extension: Chrome/Firefox/Safari/Edge/Opera/IE/Brave/etc.

Mobile apps: iOS/Android (all downloads available here)

Tiers: Sticky Password Teams

Price: $29.99 per user per year

Sticky Password is a unique one out of this list, in that it only has one business tier, Teams, and has a flat yearly license rate that breaks down to being less money than most other options (about $2.50/month), and each license purchased includes a donation to save endangered manatees.

If your company likes to do a bit of extra good with its purchases, Sticky Password has you covered with its manatee-saving mission, but that’s not all. Along with the basics you’d expect in a password manager, Sticky Password includes an emergency access feature that allows users to specify another person to gain access to their account in an emergency, and a portable USB key installation option that turns a flash drive into a plug-and-play password management device (Windows only).

Who is Sticky Password for?

Organizations with shared machines, like those in a machine shop, hot-desking offices, universities and similar setups will find Sticky Password ideally suited for their employees with its USB installation option. Additionally, those who want to ensure there’s no way to lose employees’ credentials will find the emergency action valuable both in unexpected situations and in a case of a disgruntled employee refusing to relinquish access.

Bitwarden

Image: Bitwarden

Desktop apps: Windows/macOS/Linux

Browser extension: Chrome/Firefox/Safari/Edge/Opera/Tor/etc.

Mobile apps: iOS/Android (all downloads available here)

Tiers: Bitwarden Teams/Bitwarden Enterprise

Price: $3 per user per month/$5 per user per month (billed annually)

Bitwarden is the only open-source choice in this list, so if that’s an important factor in your decision making process you’ve found the software for you. In addition, Bitwarden offers other dev-friendly features like a command line version of its app, API access, customizable roles and policies and even an MSP version for reselling.

Self-hosting is available for Enterprise-tier customers, as are free family plans and single sign-on integration. Additional features available at both tiers include encrypted file attachments up to 1GB and an authenticator app.

Who is Bitwarden for? 

As an open source tool with lots going on under the hood, a self-hosting option and an MSP program for reselling bitwarden to customers, it’s clear that this is a platform designed for big companies with a high degree of technical knowledge. Bitwarden has a lot of flexibility, is competitively priced, and gives skilled users a high degree of control. Just be sure your team can handle all of the possible points of failure before implementing something with so much customizability.

NordPass

Image: Nord Security

Desktop apps: Windows/macOS/Linux

Browser extension: Chrome/Firefox/Edge/Opera

Mobile apps: iOS/Android

Tiers: NordPass Business/NordPass Enterprise

Price: Starts at $3.95 per user per month/Contact sales

NordPass is made by the same company that makes the popular VPN software NordVPN, And even at its lower-priced Business tier NordPass still has a lot of features.

Google SSO is integrated into NordPass, making it an ideal accessory for businesses using Google software. MFA is included, as are reports that inform users if their passwords have been compromised, reused or are unsafe. It’s also GDPR and HIPAA compliant, making NordPass a good voice for those worried about meeting data security compliance rules.

The Enterprise tier of NordPass removes the 250-user cap, and also adds Active Directory provisioning, Azure SSO and additional support services. NordPass also offers an MSP tier for those that want to offer NordPass as part of their IT services packages.

Who is NordPass for?

NordPass puts its compliances front and center, so businesses who expect to operate in the E.U., or work with U.S. healthcare providers, will appreciate those features. It’s also worth noting that the Business tier allows up to 250 users at just $3.59, which is a great price and a higher cap than some of the other products. If you’re small and planning to grow, NordPass may be an ideal choice.

Zoho Vault

Image: Zoho Corporation

Desktop apps: Windows/macOS/Linux

Browser extension: Chrome/Firefox/Safari/Edge/Opera/IE

Mobile apps: iOS/Android

Tiers: Free forever/Standard/Professional/Enterprise

Price: $0/$0.90/$4.50/$7.20 (per user per month, billed annually)

Zoho Vault has a lot of great features, even at its free tier, but for just $0.99 per user, per month organizations can get central administration, password sharing, time-based one time passwords, IP address restriction, G Suite and Office 365 integration and more.

Kick it up another notch, and you add group management, user access and activity reports, emergency authorized access, and at the top tier there’s AD integration, SSO for cloud apps, Okta and OneLogin integration, help desk software integration and more.

Who is Zoho Vault for?

Zoho offers a number of other business applications as well, like CRM and sales software, and Zoho Vault is designed to perfectly integrate with all of its other software.

In addition to being great for users of other Zoho products, Zoho Vault is an ideal choice for businesses that want a lot of features and integrations for the lowest possible price. As mentioned above, even the $0.99 tier offers a lot of features that would cost at least double on other products.

Additionally, even Zoho Vault’s free tier has some business features that can make it valuable for organizations starting very small, like password policy enforcement. Sure, it’s made for individuals, but there’s no reason you can’t use it to dip your toes in the password management space with absolutely no financial commitment.