Password management tools will greatly reduce the amount of time that your IT support staff has to spend assisting users. Password management systems need to be able to enforce company policies over password strength and rotation. The system also needs to be able to inform users of suitable password formats, generate suggested passwords, autofill password fields, and, if possible, provide multi-factor authentication.
Here is our list of the best network password managers:
- Password Manager Pro EDITOR’S CHOICE A centralized password management solution for large teams that includes confidential distribution. Runs on Windows Server, Linux, AWS, and Azure. Start 30-day free trial.
- N-able Passportal A password manager and document manager aimed at managed service providers.
- ITBoost An online password manager for MSPs with a companion document management system.
- IT Glue A cloud-based password management system and document manager with other system management tools included.
- Hypervault This password manager is suitable for IT departments or MSPs. Delivered from the cloud.
- Dashlane Business A cloud-passed password manager with apps for Windows, macOS, iOS, and Android.
- Passbolt A choice of on-premises or cloud-based versions of this password manager that integrates with AD and LDAP.
- LastPass Teams An online password manager that includes a cloud-based password vault.
As data protection standards become more important, businesses need to be able to demonstrate compliance. The implementation of those standards is often necessary in order to win clients and following tight access security will also protect the company from litigation against data loss.
Password managers automate a lot of the tasks that your IT support team has to perform in order to keep the network, equipment, data, and applications accessible to the right people. A comprehensive password manager includes a self-service portal, reduces the stress that can cause users to mistype their passwords, and also enables them to reset their passwords should they forget them.
Properly managed password systems will reduce the risk to your company’s data and lower the cost of supporting users.
The best network password managers
There are a lot of password management systems on the market and if it is your job to buy in new software for your company, you will spend a lot of time researching the market and investigating each option.
Our methodology for selecting a corporate password manager
We reviewed the market for password management solutions and analyzed tools based on the following criteria:
- A centralized coordinator that can manage passwords for many applications and networks
- The ability to run a single sign-on environment
- Self-service password reset portal for end users
- Secure password lockers
- Automatic password filling
- A free trial or demo system for a cost-free assessment period
- Good value for money represented by a fair price for competent tools
With these selection criteria in mind, we identified a pool of excellent password management services that are suitable for use by businesses in-house or by MSPs for client management.
In this report, you will read about the best password managers for companies and their networks. The shortlist we present will reduce the time you need to spend in your research by highlighting the best password manager available today.
You can read more about each of these options in the following sections.
1. ManageEngine Password Manager Pro (FREE TRIAL)
ManageEngine Password Manager Pro is a self-hosted package, but you can choose to install it in your account on a cloud platform. The system is a centralized service that enables you to store sensitive documents securely inside the encrypted vault as well as access credentials for all of the applications that your company uses.
- A centralized secure vault
- Connection protection
- Active Directory and LDAP integration
- Bulk password management option
- MSP versions
ManageEngine offers Password Manager Pro in a range of editions that make it attractive to businesses of all sizes. The top plan can handle very high volumes of demand for credentials on a multi-national scale.
The main purpose of this system is to ensure that the business keeps control over passwords, ensuring that disgruntled or leaving employees can disclose or abuse system access credentials. Employees never get to see the passwords that get them into the applications that they use.
The system is able to scan other applications, operating systems, and network devices to gather all locally-stored passwords in its own vault. This discovery service extends to Windows, Linux, and VMWare. The Password Manager Pro system can interact with other operating systems, such as macOS, but passwords have to be transferred manually in those cases.
- Security monitoring for the vault
- Strong encryption protection
- Password confidentiality
- International scope possible
- Not a SaaS package
Password Manager Pro is available in four plan levels. There is a Free edition that is limited to serving ten devices. All of the paid editions are available in a multi-tenanted architecture for managed service providers. The software for the ManageEngine system installs on Windows Server, Linux, AWS, and Azure. You can get a 30-day free trial of Password Manager Pro.
Password Manager Pro is our #1 choice! The secure vault is protected with AES-256 encryption, which is the standard used by banks and the US military – it is uncrackable. Transfers are also connected by encryption. Browser extensions interact with the system through plug-ins and the service can also extend to mobile devices running iOS or Android.
Download: Start a 30-day FREE Trial
Official Site: www.manageengine.com/products/passwordmanagerpro/
OS: Windows, Linux & Web-based
N-able Passportal is a cloud-based service that includes a password manager and a secure document manager. This might seem to be an unusual combination of services. However, both strands of this package require secure storage so there are quite a number of points of commonality between them.
- Designed for MSPs
- Active Directory and LDAP
- Manages application passwords
- Enforces password rotation
- Self-service add-on
This bundle of services is offered to managed service providers (MSPs), but it can just as easily work for IT departments. The concept of offering the service to MSPs is that those businesses can then sell managed account services to client companies. The services are charged for by subscription.
The password manager can act as a front end for a list of business access rights management systems, including Active Directory, Office 365, Azure servers, and LDAP implementations.
The ability of Passportal to interface with access rights systems enables system administrators to centralize all password-related tasks in one interface. Changes made in Passportal get automatically rolled out to the access rights systems that protect the network, devices, servers, and applications used by the company. An extra utility that can be added to Passportal is called Passportal Blink. This is a self-service feature that allows users to change their own passwords. This utility greatly reduces the number of calls that the Help Desk has to field.
Also included in Passportal is an autodiscovery feature that identifies password-protected applications that need to be included in the password manager. The tool can enforce password rotation and it includes a password generator to create complicated, unbreakable passwords. Those passwords are stored in an encrypted password vault and the applications that users try to access can be set to autofill those unmemorable passwords. An audit trail tracks access to the password manager and all access to protected applications are logged.
- Supports automatic Active Directory sync via LDAP
- Can run access audits to easily identify internal changes made during a period of time
- Supports compliance reporting to identify weak passwords and force changes base on policy
- Users generate their own encryption key, securing their cloud data from third parties, including Passportal
- Smaller networks may not benefit from the MSP/enterprise-specific tools Passportal offers
You can request a demo by filling out your details on their website.
Further Reading: Passportal Product Suite – Full Review
ITBoost is also a cloud-based service that is marketed to MSPs. There is no reason why in-house IT departments shouldn’t also use this system to manage their own corporate passwords. This business is part of ConnectWise, which is an IT infrastructure management systems provider and also produces a number of software platforms for MSPs. This password management system is bundled with a document manager and a configuration manager.
- SaaS tool for MSPs
- Central password controls
- Document management system
- User self-service portal
The password manager enables an administrator to create and revoke user accounts on the network and company-wide. It also enables the system manager to reset passwords. The service includes a password vault and logs all access attempts for auditing and security purposes.
The main aim of the document management system linked to the password manager is the creation and management of knowledge bases. The service includes storage space and it is possible to store all types of files on cloud drives.
ITBoost Integrates with ConnectWise system management services: ConnectWise Control, ConnectWise Automate, and ConnectWise Manage. It also integrates with MSP RMM and PSA software produced by other providers, including Pulseway, SolarWinds, Atera, and Kaseya.
- Cloud-based document management allows organizations to scale their knowledgebases without infrastructure cost
- Allows for internal and external KB articles to help both staff and clients troubleshoot problems
- Revision controls protect and audit documents
- The trial is only 14-day, would benefit from a longer testing period
The services of ITBoost are available in three editions: Basic, Plus, and Premium. The password manager and access auditing features are included in all editions. ITBoost is available on a 14-day free trial.
4. IT Glue
IT Glue is very similar to both ITBoost and Passportal. It also combines password and document management and password management in one cloud-based package. IT Glue is marketed as a service for MSPs but could also be used by IT departments for in-house password management. This online service is a division of Kaseya, which produces system monitoring software, including RMM and PSA software for MSPs.
- Password vault
- Built for MSPs
This password manager is able to interface and synchronize with Active Directory, which makes it a great tool for those administrators who find the structure of AD confusing and its native interface unhelpful. The tool includes access tracking and there is a secure password vault stored on the cloud. Another great feature is the tool’s ability to identify at-risk accounts and warn the administrator to close them down.
An add-on to the basic IT Glue subscription is a system that can be accessed directly by clients of MSPs who would rather manage their passwords in-house. This is called MyGlue and it can be deployed by IT departments as a standalone package instead of IT Glue.
- Works well in MSP environments as well as in mid-size organizations
- Offers a robust library of templates to get started quickly
- Manages documentation as well as credentials
- Smaller networks may not benefit from the MSP/enterprise-specific tools the product offers
The charges for IT Glue are levied on a subscription basis per user per month. There are three editions of the service: Basic, Business, and Enterprise. Password management is included in all of them.
Hypervault is a cloud-based service. The tool oversees access rights for networks, devices, endpoints, servers, and applications. It is a good tool both for IT departments and MSPs.
- SaaS package
- Unifies many access rights managers
- Secure password vault
The password management system is able to administer access rights for teams of any size. The relationship between users and resources can be mapped in a hierarchy, like in Active Directory. It is also possible to set up group access to resources. Hypervault is able to act as a unified front-end for the many different access rights systems that you probably have operating on your network right now.
The Hypervault package includes a library of templates. These are really mappings between the Hypervault password management system and another access rights system. By the mediation of the templates, many incompatible password management systems can be merged into the Hypervault management console. Any account creation or changes made in Hypervault get automatically rolled out to the relevant on-site access rights manager. All of the records set up in Hypervault are stored in a secured cloud-hosted password vault. All communications between Hypervault and the client’s site are encrypted and so is browser access to the system console.
The Hypervault password manager is able to impose a multi-factor access system on the resources that it protects. Access to the console itself can also be protected with two-factor authentication.
A useful feature of the Hypervault system is that it can be white-labeled, which means that you can put your company name and logo on the dashboard, all other interfaces, and all reports from the system.
- Supports white labeling, great for MSPs
- Supports two-factor authentication options
- Great interface, easy to find what you need quickly
- 7-day trial is short, would like to see a longer trial period
The subscription fees for Hypervault are charged per user per month. Accounts with larger numbers of users get a lower rate per user. There is also a discount of 10 percent that brings the price down for those companies that pay for the service annually in advance. The Hypervault system can be tested on a 7-day free trial.
6. Dashlane Business
Dashlane Business is a cloud-hosted password management system. Both the user interface and the management console is accessed through apps from different operating systems. This edition of the Dashlane password protection service is aimed at the management of passwords for teams.
- Secure storage
- Password vault
Subscribers to the Dashlane Business service get a password vault and secure storage space, both hosted on the Dashlane servers. The cloud stage space that is included in the Dashlane plan is segmented per user and there is also business-wide storage space included.
Other features of the service include a password generator to create strong passwords with random characters. These long passwords are not memorable, and so the Dashlane user app will automatically fill in the password fields for the end-users of the system. System administrators can also choose to impose two-factor authentication for access to the network and other resources of the business. The Dashlane system will implement all of the necessary measures to carry out this policy successfully.
Dashlane Business monitors web pages and blocks infected or dangerous pages from loading into the browsers of the employees of the business. The combination of apps and secure browser monitoring makes access to the business’s resources secure from many different devices. The Dashlane app is available for Windows, macOS, iOS, and Android.
- Available cross-platform for Windows, Mac OS, iOS, and Android
- Supports autofill for convenient website access without copying and pasting
- Built-in password generator makes it easy to pick new secure credentials
- Would like to see better support for browser-based features, these often break with new updates from their creators
The service is charged per user per month and is available on a free trial.
Passbolt is available both on-premises and as a cloud service. There is also a free version of the on-premises software. The password system will cover all resources of the company including the network, servers, endpoints, and the applications that run on them.
- Deployment options
- Free on-premises
- Active Directory and LDAP
The administrator’s console of Passbolt enables the creation of user accounts for individuals and also group access passwords.
- Free for on-premise installations
- Integrates with Active Directory via LDAP
- Supports multi-factor authentication options
- Would benefit from a longer 30-day trial
The free version of Passbolt is called Community. There are two paid versions, called Business and Enterprise. The charged-for editions of Passbolt have considerably more features than the free version. For example, Business and Enterprise Passbolt can synchronize with Active Directory and LDAP systems. Other useful tools in those two plans are multi-factor authentication, access logging, and system auditing.
The on-premises software installs on Debian and CentOS Linux. The system can also be operated on Windows through Docker virtualization. Passbolt Cloud is available on a 14-day free trial.
8. LastPass Teams
LastPass Teams is the business version of LastPass, the base version of which is aimed at individuals. The service is delivered from the cloud and centers on an administrator’s console. The management center of the password system is where the system administrator sets up user accounts. Those accounts can also be suspended or removed and their passwords can be reset.
- Delivered from the Cloud
- Central password management
- Allows password sharing for files
Users are able to share passwords for specific files. Those files need to be resident on the secure storage space that is included in the LastPass Teams system. The storage area is kept secure with encryption as are all transmissions between the LastPass server and the networks of its clients.
- Sleek front end and admin console
- Tracks logins and login attempts through auditing features
- Supports safe password sharing and individual protected folders
- Would like to see a longer trial period
Businesses subscribing to the LastPass Teams service don’t need to install any software on-site. The console can be accessed through any internet browser. LastPass Teams is available in a 14-day free trial.
Selecting a corporate network password manager
Password management is an important task that shouldn’t be left to haphazard manual processes. Many systems administrators rely on spreadsheets to store user account information. Even for small businesses, that strategy just isn’t good enough. For one thing, any hacker discovering that file while exploring the resources connected to the network will instantly gain unrestricted access to all of the company’s data. Anyone that can get into a financial manager’s account will immediately get access to payment authorization functions and could clear out the company’s bank account.
Larger companies certainly need to invest in a password management system. Even just a password vault would be a good start. The tools on this list of recommended corporate and network password managers vary in functionality. Looking through the descriptions of these tools, you should identify one that includes all of the features that your company needs.
Take advantage of the free trials that many of the tools on our list offer. Once you get to see these tools in action, you will have a better idea of which is best for your company.
Business password manager FAQs
How do businesses manage passwords?
Password managers are becoming increasingly common in businesses because the demand for users to regularly rotate passwords and use different passwords for each application is unsustainable. It is impossible for a typical business employee to keep generating and remembering new, unique, and complex passwords. The user of password managers removes the urge for users to write down passwords, which can be particularly damaging if those plain text records are stored in files on a workstation.
What is a corporate password manager?
A password manager for business is the same type of system that is available for home users. A password vault requires one password for access but it stores many usernames and password pairs for many business applications, which includes SaaS systems on the cloud. A good password manager should also include an automated complex password generator. If passwords are too complicated to remember and are stored and instantiated in a format that the user can’t see, the business is protected against insider threats and the security risks presented by departing employees.
Do hackers use password managers?
Yes. Password managers are targets for hackers but the creators of these systems know that. The typical password manager stores passwords in a vault, which is encrypted and requires a password for access. Thetis makes automated, remote access to password vault contents impossible. However, these systems are susceptible to attack via rubber ducky devices. These are USB sticks that are identified as input devices and run keystroke scripts that emulate a real user.
Image: Password Mask from Pixabay. Public domain.