6 Small-Business Password Managers
The right password manager can help bring enterprise-class security to small businesses. Here are a half-dozen candidates to strengthen your access management.
November 8, 2019
![](https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt70935752b13cf08c/64f0d3a94652458134fb4d49/Image_1.jpeg?width=700&auto=webp&quality=80&disable=upscale)
Good passwords are messy. They're long, chaotic, and very difficult to memorize. That's what makes them so strong. To keep them good and useful, though, requires a tool — a password manager.
The idea at the core of most password managers is simple: A database that matches user names and passwords to login pages is stored under the protection of a single strong password. When a login page is encountered, the password manager springs into action, filling in the necessary fields when unlocked with the master password.
With a password manager, the security best practice of a different strong password for every account can be followed, and changing those passwords on a regular basis becomes much less traumatic.
Any password manager worthy of consideration will perform this basic task well, though differences exist in how it is performed, how credentials are protected, and how the tool integrates with other security, directory, and network management components. These differences are especially critical for small businesses. Since smaller companies tend to have smaller budgets for IT staff, the need is high for a password manager that has features to fill in the blanks left by other products, is easy to integrate into existing infrastructure, and protects passwords for users who might have access to significant caches of critical data.
What products fit the bill? Dark Reading scoured the Internet for user comments, professional opinions, and published reviews of password managers of use to small business IT. We found half a dozen candidates that span a wide range of capabilities and prices.
As you click through the list, you'll notice there are no free or open source options. That's because all of the options in those categories are most suited to individual consumers, are quite complex to integrate into business infrastructures, or both.
We'd also like to know: Which password manager do you use for your small business? Do you worry about integration, or do see password management as a purely end-point issue suitable for a free-for-all solution? Let us know in the Comments section, below.
(Image: beebright VIA Adobe Stock)
LastPass is a popular password manager for consumers, with individual pricing starting at "free." But the company also has a number of business offerings that can make managing both individual and companywide passwords possible from a central console. Many organizations will find one of their two most basic business offerings will suffice, but options for those that require more advanced authentication are available.
LastPass business solutions begin with "Teams." If your business has fewer than, say, 50 employees, then it could be enough. LastPass Teams has many of the functions available in the Enterprise version, but it is designed, according to the company, to be easy enough for business unit professionals to be able to deploy and manage the service.
If you need to employ complex user policies, integrate the password manager into network directories and cloud services, and offer single sign-on to a wide variety of business applications, then the LastPass Enterprise version may be a better choice. The difference in cost between Teams and Enterprise versions is small -- $4 per user per month for Teams and $6 per user per month for Enterprise -- but the difference in knowledge required for proper integration and deployment is larger. In both cases, the individual user is required to know very little about policies or the LastPass application since set-up is a centralized process and the application guides the user through the actions required.
While some of the products in this article are based on consumer offerings (LastPass, 1Password, etc.), BeyondTrust Password Safe is an enterprise service from the get-go, aimed at organizations that need to lock down the authorization and access of hundreds to thousands of users.
When you step up to a system like Password Safe, you start adding functions such as automating device discovery on the network, generating and storing passwords for devices, managing passwords for privileged accounts, and adaptive access control, for which the complexity of generating passwords, amount of time the password lives, and which users can access the password depend on factors such as location and time of day.
In order to take advantage of features available from a product like Password Safe, most organizations will need dedicated security professionals, an outside integration partner, or both. In return, though, a business can expect both sophisticated password security and authentication strength, and advanced analytics run on attempts to log in and use accounts within the system.
Pricing is available from BeyondTrust by request.
Keeper is a service that has a foot in each of the consumer and business markets. Popular among consumers introduced to the product through its free version, Keeper provides a series of functions for a small business that could grow with requirements as the organization expands.
Keeper begins with the basics, generating strong passwords and then keeping those passwords (along with files and sensitive data) in a separate, private vault for each employee. The service then adds role-based access and a central management console to make it easier to manage access for expanding groups of employees.
Finally, Keeper brings password and access auditing and version control to the strong password game. It does this for about $3.62 per user per month or $32.33 per user per year.
1Password is another product that has fans among both consumers and business IT security professionals. On the business side, the company provides three different levels of functionality for organizations of varying sizes.
For smaller organizations, 1Password offers Teams, which provides the basic functionality security professionals expect from the category, including strong password generation and storage, two-factor authentication support, and administration functions for managing passwords, policies, and access. Teams also includes five "guest accounts" for which administrators can set up temporary passwords. Teams is priced at $3.99 per user per month.
Moving up to 1Password Business brings additional management and monitoring capabilities, 20 guest accounts, and 5 gigs of secure file storage per user, versus the 1 gig that comes with the Teams account. The Business account also adds finer levels of control on access control, monitoring and logging, and role-based access. The additional capabilities cost $7.99 per user per month.
Unlike many password management companies that straddle the consumer and business worlds, One Identity is a straight-up business service provider. And for One Identity, password management is just one piece of a comprehensive identity and access management set of offerings.
One of the focuses of One Identity's password manager is to reduce help desk calls by allowing users to access a self-service portal for activities including resetting forgotten passwords and establishing new passwords that meet the organization's standards. One Identity explicitly works to build on Microsoft Active Directory identity functions and can establish passwords for individuals across many different domains.
While One Identity Password Manager is available as a standalone service, it is clearly intended to be part of an overall access management infrastructure. It is an enterprise-class solution to enterprisewide access control. Pricing is available from One Identity by request.
Dashlane is a password manager that comes in versions for both consumers and businesses. Available as both free and subscription consumer options, Dashlane positions its business offerings as an expansion of its top-tier consumer subscription.
One feature that Dashlane promotes -- and one that could be of great interest to some small businesses -- is that users can manage their business and personal passwords from a single account. This is accomplished through "Smart Spaces" within the account that keep the two categories of passwords and logins separate.
A Dashlane Business installation allows for two-factor authentication and central management and administration (though the management console cannot see the items inside a personal Smart Space), along with multidevice support, strong password generation, and secure file storage common to the services in the category. Dashlane Business is priced at $4 per user per month.
Dashlane is a password manager that comes in versions for both consumers and businesses. Available as both free and subscription consumer options, Dashlane positions its business offerings as an expansion of its top-tier consumer subscription.
One feature that Dashlane promotes -- and one that could be of great interest to some small businesses -- is that users can manage their business and personal passwords from a single account. This is accomplished through "Smart Spaces" within the account that keep the two categories of passwords and logins separate.
A Dashlane Business installation allows for two-factor authentication and central management and administration (though the management console cannot see the items inside a personal Smart Space), along with multidevice support, strong password generation, and secure file storage common to the services in the category. Dashlane Business is priced at $4 per user per month.
Good passwords are messy. They're long, chaotic, and very difficult to memorize. That's what makes them so strong. To keep them good and useful, though, requires a tool — a password manager.
The idea at the core of most password managers is simple: A database that matches user names and passwords to login pages is stored under the protection of a single strong password. When a login page is encountered, the password manager springs into action, filling in the necessary fields when unlocked with the master password.
With a password manager, the security best practice of a different strong password for every account can be followed, and changing those passwords on a regular basis becomes much less traumatic.
Any password manager worthy of consideration will perform this basic task well, though differences exist in how it is performed, how credentials are protected, and how the tool integrates with other security, directory, and network management components. These differences are especially critical for small businesses. Since smaller companies tend to have smaller budgets for IT staff, the need is high for a password manager that has features to fill in the blanks left by other products, is easy to integrate into existing infrastructure, and protects passwords for users who might have access to significant caches of critical data.
What products fit the bill? Dark Reading scoured the Internet for user comments, professional opinions, and published reviews of password managers of use to small business IT. We found half a dozen candidates that span a wide range of capabilities and prices.
As you click through the list, you'll notice there are no free or open source options. That's because all of the options in those categories are most suited to individual consumers, are quite complex to integrate into business infrastructures, or both.
We'd also like to know: Which password manager do you use for your small business? Do you worry about integration, or do see password management as a purely end-point issue suitable for a free-for-all solution? Let us know in the Comments section, below.
(Image: beebright VIA Adobe Stock)
About the Author(s)
You May Also Like
CISO Perspectives: How to make AI an Accelerator, Not a Blocker
August 20, 2024Securing Your Cloud Assets
August 27, 2024