What to Look for in a Password Manager
Remember that time when one of your employees spent an hour trying to guess the right password to a core business application? Or that time when you found out that an employee was using the password “password” just so he wouldn’t worry about remembering his passwords?
If you have experienced any of these issues—and most businesses have—you know it’s past time to implement a company-wide password manager. If you haven’t yet done so, it’s probably because password managers have a reputation for being complicated and difficult to use.
Nobody wants to spend more time than necessary dealing with a password manager. Surely you’ve got better things to do. Thankfully, it doesn’t have to be a frustrating, time-sucking experience. It’s about knowing what features are important and making sure they are as intuitive and easy to use as possible. It’s about finding a password manager that lets you do things the way you want to do them. Here are some tips on what to look for:
Easily add and remove users to your account: Creating accounts, adding users and managing them should be a simple point-and-click exercise. You should be able to easily add a single user, multiple users, or even import users from Active Directory.
Increase user productivity: A password manager should improve user productivity, not reduce it. Nobody should be wasting time on password resets or tracking down the person who has the password they need. Your password manager should do the heavy lifting here by automatically importing passwords from browsers, other password managers or CSV files. Your password manager also should save information other than passwords—personal information for filling out forms, digital payment details and digital notes. It’s not only safer; it’s more convenient. Instead of searching for important information in chats, emails and spreadsheets, storing it in a password manager reduces the risk that information is compromised or lost.
Change passwords in split second: Changing a password on a website should be simple, but it can quickly become frustrating if your password manager doesn’t capture the new password correctly or rejects it. That is unacceptable. Your password manager must work correctly every time.
Fast, easy website log-ins: When you visit a website’s login page, your password manager should check to see if you already have a saved password for the site and log you in. If you don’t, it should offer to save a new password for the site. And passwords should be synchronized across all devices as soon as they are saved or upgraded. It’s as simple as that.
Securely share passwords with your team: In a perfect world, everybody from C-suite executives to summer interns would have their own passwords for every function they needed to access, but that’s often not realistic. Instead, many companies resort to sharing passwords via email, chat or spreadsheet. Not only is this method extremely insecure, but it often results on multiple versions of documents with outdated passwords in multiple locations. And every minute spent searching for the right password is a minute not spent on being productive for the business.
A more effective and secure approach allows users access to the systems and websites needed without actually revealing the password to those who don’t need to know. Let’s say the marketing department is working on a new social media campaign that requires both low-level employees and the Chief Marketing Officer to access the company’s Facebook account. An effective password manager should allow administrators to grant marketing department employees permissions to access the resource without actually seeing the password.
Rekeying information should be a thing of the past: Your password manager should collect important user data such as name, address, contact information and payment information. That way, the system can automatically fill in forms for users online. Look for a password manager that allows you to group information, so when you encounter a long check-out form, you can complete it with one click.
The security you need without complexity
Without a doubt, strong security is the most important requirement for any password manager. According to the Verizon 2017 Data Breach Investigation Report, weak or stolen passwords are responsible for more than 80 percent of security breaches. That’s why it’s critical to demand a password manager with as many security features as possible. These include:
- End-to-end encryption
- Two-factor authentication
- Secure cloud storage
- Role-based access
- Theft protection
- Secure sharing
An effective password manager also should have a full set of advanced security policies that can be enabled simply by checking boxes. No IT department needed.
The bottom line
Implementing a password manager shouldn’t be a burden on your IT staff or users. Make it easier on yourself and your company: evaluate a password manager based on how easy it is to use and customize. Don’t accept anything less. Onboarding and offboarding should be simple tasks. It should also be easy to save and change passwords, implement security policies, synchronize devices, share passwords and fill out forms. Don’t bother considering a password manager that doesn’t measure up.