How to choose a password manager for your business


by Matt Davey


The Basics

Password managers like 1Password are only secure if your team are actually using them, so the basics are really important. A password manager needs to automatically save your passwords, generate stronger ones, and fill them accurately everywhere you need them. When you are using a password manager for your business, it also needs to store more than passwords, like secure notes and identities, while helping to build and enforce your password policies.

1Password
Includes apps and extensions on Mac, Windows, iOS, Android and all major browsers. 👍
Stores anything you need to secure. Passwords, notes, identities and credit cards. 👍

Security

This is the most important section. Your choice of password manager should tick every box with confidence. Security is an ongoing task and you need to trust your choice to treat your information with the utmost respect.

1Password
The operators of the service have no ability to see or learn what sites and services users have logins for, nor when they use those. 👍
Data stored on the server should be impossible to crack in the event of a server compromise. 👍
The operators of the service have no ability to see or learn user passwords. 👍
The security of the service should have multiple layers of encryption and not rely on the secrecy of TLS or SSL. 👍
No secrets should be transmitted during the login process. 👍
The login process also guarantees the authenticity of the server you are logging into. 👍
The service uses multi-factor authentication as an additional factor that's beneficial to its security. 👍
The service should encourage and incentivise security researchers and undergo formal penetration testing. 👍

Distributing your team

Getting the right credentials to the right people is a key part of password management. Your password manager should have tools that scale to your business — from a vault to share with a team, to advanced sharing with groups and Active Directory.

1Password
Advanced permissions for sharing. 👍
Active Directory support for managing a large number of users. 👍
Sharing data among users should be managed in a way that doesn't give those who control the server the ability to set up unapproved sharing. 👍

Privacy and Compliance

The information a password manager does have should be kept to itself, not used for remarketing or sold to third parties. 1Password will never share, sell or use your details for marketing or market research.

1Password
Service should be SOC and GDPR compliant. 👍
Service should be designed to not acquire any user data other than the complete minimum needed to operate the service. "Privacy by Design." 👍
No data or metadata is passed to third parties or used for internal advertising. 👍

The Cloud

It's a popular buzzword, and with that come several questions, but remember the cloud is another server, which means it needs to be secure, audited and trusted. 1Password uses Amazon Web Services, which has a number of protections and is regularly security tested.

1Password
Each session should be encrypted with a key unique to that session (independently of TLS). 👍
Requests to the server should not be reusable if captured. 👍
The security architecture of the system should be well-documented and open to public and expert scrutiny. 👍
TLS, to the extent it is used as an additional layer of security, should be configured to require up-to-date and strict versions. 👍


Auditing and Reporting

Whether you are auditing your own security or reporting on the security of your team, 1Password gives you all the information you need. 1Password's Watchtower is the most comprehensive suite of tools to protect and update passwords at risk. You get alerts based on weak, compromised, vulnerable and duplicate passwords in addition to other security recommendations.

1Password's business reporting allows you to get feedback on your team's security. You can look at a team member's specific usage of a password, how much they use 1Password, and what they have access to. You can report on an individual or the entire team — handy for keeping an eye on security.

1Password
Alerts when an account is compromised in a breach. 👍
Diagnoses weak and reused passwords. 👍
Reports on team members' usage of specific accounts. 👍


Matt Davey

CXO (Chief Experience Optimist)
