Users frequently forget passwords, use the same password for everything they need to log into and try to hold on to the same passwords for as long as possible.
If you only have enough time to see the tools, here is our list of the ten best team password management tools:
- SolarWinds MSP Passportal (GET DEMO) A combined password and document manager delivered from the cloud.
- IT Glue A cloud-based password and document management platform.
- ManageEngine Password Manager Pro A password vault with password management features and password control workflows.
- Hypervault Flexible password management system for teams or MSPs serving clients.
- Keeper A password manager and vault that runs on windows.
- Bitwarden Free, open-source password manager with a secure vault. It runs on Windows, Linux, and MacOS.
- Dashlane Business Easy-to-use password manager that runs on Windows, MacOS, iOS, and Android.
- Zoho Vault Cloud-based password manager from a leading business software provider.
- Passbolt Free on-premises open-source password management software or a paid hosted version.
- LastPass Unifies LDAP and Active Directory in one password management interface.
Gartner Group studies estimate that 20 to 50 percent of all Help Desk calls are for password resets. Sorting out a coherent corporate password policy and introducing controls to enforce and support it will slash your password-related costs.
One very easy way to reduce calls to the Help Desk is to make a self-service portal available so that users can reset their passwords themselves. This measure also cuts out the delay that forces staff to waste time trying to remember a password and mistyping it.
A comprehensive team password management tool will give you automated procedures for password generation, policy setting, policy enforcement, and user access monitoring.
Shortlisting team password management tools
There are some very good password management tools available and many of them are designed with data protection standards in mind. If your business has to comply with standards such as HIPAA or PCI-DSS, you will need to have an effective password manager that includes auditing and reporting functions to help you prove compliance to the standard.
Unfortunately, researching all of the password management services on the market can be time-consuming. However, we have done that work for you, reducing the time you need to make a choice with a shortlist.
The best team password management tools
You can read more about each of these options in the following sections.
Passportal is a recent acquisition of SolarWinds, which is a leading provider of IT infrastructure management software. This cloud-based service includes a password manager and a secure document manager.
The password management part of the suite can interface with the Active Directory implementation on your site, and also on any cloud services that you use, such as Azure or Office 365. Passportal is not limited to interfacing with Active Directory.
The Passportal package is marketed as a service for MSPs. The idea is to provide those managed service providers with another service that they can add on to their existing menu. The Passportal platform is multi-tenanted, allowing each end client to access their password services directly without having to go through the MSP. This division is particularly important with one of the facilities included in the Passportal Blink plan, which is a self-service utility.
The documentation manager that is included with the package can be used by the MSP to set up a knowledge base system that informs the users on the systems that it manages on how to solve problems themselves, including how to use the password self-service portal.
Other utilities in the core password manager include the discovery of password-protected applications on the client system, enforced password rotation, a password generator, an encrypted password vault, and access limitation to the Dashboard for junior technicians. All access to the password system is logged and so are all access attempts to the protected applications.
Passportal is charged for by subscription, paid monthly in advance. You can register to see the demo of the product in action.
IT Glue is a very close competitor to Passportal and has a very similar profile. This is a cloud-based platform that is aimed at MSPs. The service is owned by Kaseya, which produces MSP RMM and PSA software. This password manager is coupled with a secure document manager.
The password manager is able to interface with Active Directory and includes access tracking. The tool can identify at-risk passwords without disclosing them to technicians. The system includes a secure cloud-located password vault. Audit logs record access to each protected application and to the IT Glue password system itself.
An add-on that is available with the tool is called MyGlue. This tool is aimed at IT departments that want to manage their own passwords. This can be offered as a pass-through service by MSPs or bought directly by individual companies instead of the full IT Glue system.
IT Glue is paid for by subscription charged per user per month. There are three editions of the service: Basic, Business, and Enterprise. Password management is included in all of them.
Password Manager Pro by ManageEngine is implemented as on-premises software for Windows and Linux servers. It is able to monitor passwords issued for applications on many other platforms, including MacOS, Unix, Oracle, Sybase, MySQL, SQL Server, Juniper Networks, and Cisco Systems.
The tool is able to help you formulate a password policy and then it will enforce that strategy. It can force automatic periodic mass resets for password rotation and also enforce strong passwords. The system includes many specialist credential management features, such as identifying individual passwords for shared accounts, monitoring of privileged account usage, audit logging for access to all protected systems and also to the password manager itself.
The audit trail and reporting system of the tool are good for helping you enforce data protection policies that comply with system protection standards, such as GDPR and PCI-DSS. It also looks at reasonable usage of passwords to identify compromised accounts and intruder activity.
The password vault of ManageEngine Password Manager Pro is protected by 256-bit AES encryption. Access to the password manager requires two-factor authentication. The password database can be backed up offsite, although the remote server for this action is not included with the plan. The database can be replicated for redundancy to ensure constant availability.
The software is available for free. However, the free version of Password Manager Pro is limited to one administrator and can only control passwords for 10 resources. The paid version of Password Manager Pro is available in three editions: Standard, Premium, and Enterprise. In each case, the price of the software depends on the number of administrators that will use the system.
ManageEngine offers a 30-day free trial of the Enterprise edition of Password Manager Pro.
Hypervault is a comprehensive password manager that covers access credentials for a long list of IT resources. This is a cloud-based service that is suitable for IT support departments and managed service providers.
The Hypervault system is specifically designed to cater to team password management. That means teams of any size. The management console allows passwords to be grouped by categories and then applications are allocated to each type.
The interfacing and conventions of different resources each dictate their own conventions. Hypervault overcomes these differences by deploying templates. Each template automates access to the password system of each related resource. It then pulls the management of those passwords into the Hypervault Dashboard in a common format. The templates mediate between the Hypervault standard procedures and the conventions of each system that it manages.
Passwords are stored in a secure database, which is protected by encryption. Access to the password manager can optionally be secured by two-factor authentication.
The Hypervault dashboard can be white-labeled, enabling you to put your company’s name and logo on every screen of the dashboard. That branding extends to the reports that you can get from the tool.
Hypervault is charged for on a subscription basis with fees levied per user per month. The prices get lower for subscribers with larger numbers of users. There are three divisions of user group sizes. Those who pay yearly get a 10 percent discount on their bills. You can get a 7-day free trial of Hypervault.
Keeper Security produces a range of password protection and cybersecurity systems both for personal and business use. The Keeper Team Password Manager is a great tool for businesses that have a lot of access credentials to track and keep secure. As a cybersecurity systems producer, Keeper Security made sure to build intrusion protection into its password manager.
As well as regular password management, the system tracks access credential usage to look for insider threats and hijacked accounts.
Under the Keeper system, each team member is given secure, password-protected storage space. Shared documents and other files can be accessed by personalized passwords, which identifies each access event to an individual user. So, Keeper adds an extra layer of password protection to data sources rather than managing the password systems of resources.
Of the five editions of Keeper, two are aimed at businesses: Business and Enterprise. This is a cloud-based service and priced on a subscription model with charges levied per user per month, although it is billed annually. You can get a free trial of Keeper’s Business edition that lasts for 14 days.
Bitwarden is open source software and it is free to download and install for personal use. Businesses have to pay. This software runs on Windows, Linux, and macOS. There are access apps for iOS and Android devices. The system centers on a password vault and a password manager.
The password manager enables the distribution of passwords to team members. It enables administrators to create user groups and departmental password policies. It is also possible to introduce multi-factor authentication on user accounts.
It is possible to synchronize data in the Bitwarden password manager with records held in Active Directory, LDAP, Azure, G Suite, and Okta.
The Bitwarden system also protects file storage. Users who want to share a document can issue access credentials to their collaborators, making access to the file recordable and limited to authorized colleagues.
Bitwarden’s system for businesses and team password management is available in two editions: Teams and Enterprise. The Teams plan has a minimum user group of five but there is no minimum on the Enterprise plan. The Team plan includes 1 GB of cloud storage, which is secured with encryption. Bitwarden is available on a free trial for teams.
Dashlane is a password protection system and it is available for businesses to create team access rights. The system is hosted in the cloud but accessed through a downloadable app. There are apps available for Windows, MacOS, iOS, and Android.
The Dashlane Business system includes a strong password generator and a form to enable an administrator or the end-users to change passwords. The system also includes an autofill feature so users don’t have to enter the complicated passwords created by the generator. There is a choice of multi-factor authentication systems that can be applied to access.
The service includes a password locker and also secure cloud storage for protected files. Users can upload files to the storage area and then grant access to colleagues. The storage space is divided so that there is an area for the business and then a personal space for each user.
Dashlane Business includes more security features beyond password protection. It also monitors web pages for malicious content before allowing it to load in the browsers of users. Account services can be accessed from anywhere, across devices.
The service is charged per user per month on a subscription basis. Dashlane offers a free trial of its Business service.
Zoho produces some very popular business software and it makes most of its products available from the cloud. Zoho Vault is one of the company’s online services. The system caters to the management of passwords for teams.
In Zoho Vault, all passwords are stored securely on the Zoho servers. The vault is protected by 256-bit AES encryption. The password system also auto-fills password fields for users and includes the ability to share passwords for files and folders in order to facilitate collaboration. All user actions are logged for auditing.
The process to allocate passwords to individuals and groups is straightforward and they can just as easily be revoked. The Zoho Vault system integrates with many other access rights systems, such as Active Directory, Office 365, Azure AD, and Google. This enables you to set your password policies in Zoho Vault and roll out the actions taken in Zoho Vault to other access rights management systems used by the company.
The Zoho Vault password management system can be accessed through a browser or apps for iOS and Android devices.
Passbolt is free for on-premises hosting but there are also paid higher versions and a paid cloud-based service. The password system for users integrates into email, browsers, and chat systems to autofill passwords where demanded.
Passwords can be allocated to individuals and groups and there are facilities for secure password sharing built into the system. The base plan is called Community. The Business and Enterprise editions include synchronization with Active Directory and LDAP systems. The higher plans also include facilities to implement multi-factor authentication. Those versions also include access logging and system auditing.
The on-premises software runs on Debian and CentOS Linux and can be run on other operating systems through a virtual machine via Docker. The cloud version of Passbolt is available on a 14-day free trial.
LastPass offers an edition for team password management, called LastPass Teams. The smart-looking console of the system allows administrators to create and remove passwords for users. The system includes safe password sharing and secure storage space with shared and private password-protected folders.
This system is a cloud-based service, which means that it can be accessed from any internet-connected device. LastPass Teams is available in a 14-day free trial.
Selecting a team password management tool
There are lots of team password management systems available on the market. Hopefully, our shortlist will give direction to your search and help you save time assessing all of the products on the market.
Reading through the descriptions of the services on our list, you have probably already narrowed down your selection to one or two options. Take advantage of the free trials that many of the team password management tools on our list offer to make your final choice.