I've recently joined a company with over 100 employees, but I noticed we aren't using a password manager, which feels like a major security risk. As a software engineer, I'd like to suggest to our management team that we implement a business password manager. I believe it could simplify things for our IT department and provide several benefits:
- Easy management of multiple users
- Implementation of password policies
- Centralized management of passwords
- Simplified handling of departing employees and their passwords
- Easier password sharing among team members
- Overall enhanced security
I'm looking for a password manager that includes features like SSO integration, robust group management, and is easy for employees to use. I used NordPass in my previous job and found it to be user-friendly. I came across a comparison table that outlines different options and essential features. What key features should I focus on when recommending a password manager? Also, are there drawbacks to using a password manager that I need to consider before discussing this with my team? Thanks for your help!
5 Answers
As we're considering rolling out Keeper, I'm most focused on SSO features for users. For larger teams (like ours at 5000), buy-in from management is essential. Having features like flexible autofill options and personal family plans can really help staff get into the habit of using it.
Bitwarden has TOTP support, which we use all the time in our nonprofit. It completely eliminates the need for staff to bother each other for text codes from shared accounts, making things super efficient.
Since you're in software engineering, you might want to explore options like secrets managers or key vaults in addition to traditional password managers. Many are starting to integrate these features into their services. For example, AWS and Azure provide key vaults that work well with their platforms. If your company isn't heavily invested in those infrastructures yet, a basic password manager could be more suitable.
One key feature you might consider is the emergency account takeover option. It allows designated users to access accounts if something happens unexpectedly to the account owner. My team uses Bitwarden, and we set it up so that if our boss were to pass away, others could step in without too much hassle.
I've had a great experience with Keeper. It combines my MFA tokens with the storage of URLs and creds, which is really convenient. Just a heads up though, getting staff to actually adopt it can be challenging. Be prepared to enforce disabling browser password saves to ensure everyone uses the manager properly.
Why store MFA tokens in a password manager? That can lead to its own security issues.
If the password manager doesn't handle MFA, that's a dealbreaker for us. Glad to know Keeper fits the bill!
Yes! That feature is a game changer in our setup too.
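The Keeper answer above warns that you will have to disable the browsers' own password saving to get staff onto the vault. As an added example (not from the post and not Keeper's code), here is one way to push that setting as a managed browser policy and audit it afterwards. The policy names (`PasswordManagerEnabled` for Chrome and Firefox, `OfferToSaveLogins` for Firefox) are the documented ones; the file paths are the Linux system-wide locations and are an assumption about the fleet. On Windows the Chrome equivalent is the registry value `HKLM\Software\Policies\Google\Chrome\PasswordManagerEnabled` set to 0, usually delivered by GPO or your MDM rather than a script.

```python
"""Managed browser policy to turn off built-in password saving, plus an audit.

Added example. Paths are Linux defaults (an assumption); writing them needs root,
so self_test() exercises everything in a scratch directory instead.
"""
import json
import tempfile
from pathlib import Path

# Linux system-wide policy locations (assumption: Linux desktops; adjust for your fleet).
CHROME_POLICY_DIR = Path("/etc/opt/chrome/policies/managed")
FIREFOX_POLICY_FILE = Path("/etc/firefox/policies/policies.json")

# Chrome reads every *.json in the managed directory; a single key is enough here.
CHROME_POLICY = {"PasswordManagerEnabled": False}
# Firefox reads one policies.json whose top-level "policies" object holds the settings.
FIREFOX_POLICY = {"policies": {"PasswordManagerEnabled": False,
                               "OfferToSaveLogins": False}}


def write_policies(chrome_dir: Path, firefox_file: Path) -> None:
    """Write both managed policies (needs root when targeting the real paths)."""
    chrome_dir.mkdir(parents=True, exist_ok=True)
    (chrome_dir / "disable-browser-passwords.json").write_text(
        json.dumps(CHROME_POLICY, indent=2))
    firefox_file.parent.mkdir(parents=True, exist_ok=True)
    firefox_file.write_text(json.dumps(FIREFOX_POLICY, indent=2))


def chrome_password_saving_disabled(chrome_dir: Path) -> bool:
    """True only if some managed file sets PasswordManagerEnabled=false and no file re-enables it.

    Deliberately conservative: a conflicting file fails the audit rather than
    guessing which one Chrome would apply.
    """
    seen_false = False
    files = sorted(chrome_dir.glob("*.json")) if chrome_dir.is_dir() else []
    for policy_file in files:
        try:
            policy = json.loads(policy_file.read_text())
        except json.JSONDecodeError:
            return False                      # unparseable policy: do not trust the state
        value = policy.get("PasswordManagerEnabled") if isinstance(policy, dict) else None
        if value is True:
            return False
        if value is False:
            seen_false = True
    return seen_false


def firefox_password_saving_disabled(firefox_file: Path) -> bool:
    """True if policies.json exists and disables Firefox's built-in password manager."""
    if not firefox_file.is_file():
        return False
    try:
        policies = json.loads(firefox_file.read_text())["policies"]
        return policies.get("PasswordManagerEnabled") is False
    except (json.JSONDecodeError, KeyError, TypeError, AttributeError):
        return False


def self_test() -> tuple:
    """Write into a scratch directory, audit it, and check that a re-enabling file is caught.

    Returns (chrome_ok, firefox_ok, chrome_ok_with_conflicting_file).
    """
    base = Path(tempfile.mkdtemp())
    chrome_dir = base / "chrome"
    firefox_file = base / "firefox" / "policies.json"
    write_policies(chrome_dir, firefox_file)

    # Simulate someone dropping a second file that turns saving back on.
    override = chrome_dir / "zz-override.json"
    override.write_text(json.dumps({"PasswordManagerEnabled": True}))
    chrome_with_conflict = chrome_password_saving_disabled(chrome_dir)
    override.unlink()

    return (chrome_password_saving_disabled(chrome_dir),
            firefox_password_saving_disabled(firefox_file),
            chrome_with_conflict)


if __name__ == "__main__":
    print(self_test())
```

Run the audit half of this from your endpoint management tool on a schedule: it is cheap, and the conflicting-file case is the one that bites in practice when several teams drop policies into the same directory.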