Hey everyone, I'm currently navigating the challenges of implementing a password management solution for our team. We're using Entra ID, and most of our users prefer Chrome for their web browsing. I proposed hosting a password manager like Vaultwarden, but the suggestion was quickly dismissed. Someone mentioned that using Google Credential Manager would be cheaper, easier, and just as secure. I'm considering setting up a Google Cloud Identity tenant and providing our users with Gmail accounts for their password management. However, I'm looking for strong arguments on why a dedicated password manager might be more secure from both compliance and security perspectives. Is there a huge difference, or is it not a big deal?
7 Answers
It's a bit surprising not using Edge, especially with Entra ID in play. Having passwords and browser data sync directly to their Microsoft accounts is a big plus. Still, a password manager excels at generating random passwords and managing shared passwords safely, which can be tricky otherwise.
If you're using Entra, switching everyone to Edge could streamline syncing passwords with their Microsoft accounts. But honestly, a dedicated password manager offers a lot of extra security features and benefits with only a minimal cost, which makes it well worth it.
I recommend steering clear of Vaultwarden for serious security concerns and instead consider going with the official Bitwarden solution. It's more robust and has a better security track record.
That's the route I wanted to take, but unfortunately, the budget proposal didn't make it through...
How are users managing secure password sharing using Chrome or Edge's built-in password manager? That seems important, especially for team collaboration.
Why not make the switch to Edge, especially if you're already integrated with Entra? It seems like a natural fit.
Just think about the risks: if a hacker gains access to someone's Google account, they could potentially sync all the saved passwords to their own device—definitely a scary thought!
I see your point, but can you dive deeper into why it's considered 'much safer'? I need something solid to back this up.