Keeping individual passwords in mind is already a tough task, but doing that for an entire team? That is a true nightmare. Password managers were created to make this challenge easier, and nowadays these tools have evolved so that they’re perfectly fit for businesses, too. Team password managers usually provide all the features of top-tier personal password managers, such as unlimited storage for all passwords and other credentials, military-grade encryption and, most importantly, seamless and uninterrupted syncing across all compatible devices. Any of these would be enough to increase company productivity, but business password managers up the ante with plenty of clever extras like the option to separate personal credentials from business related ones.
And if we take into consideration additional features like customizable security policies and constant monitoring by the account’s admin, it might not be surprising if you and your teammates asked: ‘Why haven’t we switched to a password manager yet?’
Dangers of Sharing Passwords
Although it seems convenient and logical – since nagging the IT personnel for temporary access is pointless – sharing your passwords with colleagues is strictly out of question for multiple reasons. Unless, of course, your team is using a password manager.
The number one reason for this is that despite constant warnings by security experts, people tend to use the same password for all their accounts, regardless of whether it is a business related credential or for personal use. Risks are further increased if the company has a Bring Your Own Device (BYOD) policy, where all it needs for catastrophe to happen is a stolen device without proper password protection.
Additionally there is the risk of intercepting passwords over the internet: the moment a password leaves a safe environment it could get intercepted by hackers, especially if data is transferred over an insecure public internet connection.
Last but not least, since the ruling by the Ninth Circuit U.S. Court of Appeals in the USA vs Nosal II case in 2016, any unauthorized sharing of business passwords is a violation against the federal Computer Fraud and Abuse Act (CFAA), especially if the data obtained by the unauthorized party falls under the category of confidential business information.
Password Security Policy
A company password policy is an official document created for the education of employees that details the rules of effectively protecting (sensitive) company data via the creation and maintenance of unbreakable passwords, and what happens should those rules be violated.
Basically a good password policy is a constantly updated instruction manual of putting together a strong password and keeping it a secret – with ‘built-in extras’ like activity monitoring and reminders for changing passwords. However, a well-crafted password policy also takes into consideration the different roles employees play in the company, meaning that there should be a separate policy for average users, employees who handle sensitive data and, of course, the IT staff.
Although password policies don’t necessarily require owning a password manager, they are best implemented if the company uses such a tool. With a password manager in your team’s possession, managing all those company related credentials not only becomes easier but safer as well since passwords are stored in an encrypted environment and are continuously monitored and evaluated according to their respective strengths. Not to mention the fact that password managers support safe, authorized, secure password sharing, too.
Best Password Managers of 2019
|Editor's Choice 2019|
There is no denying that password managers are one of the best tools to increase business productivity – and not just for the very simple reason of being capable of storing all work related passwords and other credentials in the safe vault. The fact that co-workers only need to memorize just one complex password – the master password – means that there is no fumbling around looking for a password notebook or waiting for the IT department to reset a password when it’s been forgotten. The software takes the hassle out of all of this, and most programs will fill in login boxes automatically; it might not be much, but shaving seconds off each login undoubtedly improves the long-term productivity of the staff.
A password manager is also capable of generating passwords that perfectly comply with the policy rules, and can warn users in time should there be risk of any of their accounts being compromised. The convenience doesn’t stop here, though, since password managers also include two-factor authentication, the storing of non-password data like ID documents and credit card info, and the option to share passwords without sending them through an unsafe communication channel like email. And since most password managers are cross-platform solutions, meaning that encrypted data can be auto-synced between devices, easily allowing users to access the same data on a computer just as easily as on a smartphone.
Recommended Password Managers for Teams
Although the vast majority of password management tools are usually intended for individual users, there are certain password manager companies that either provide subscription models catering to businesses or are created according to the need of teams. We decided to focus on business subscription models, particularly those provided by LastPass and Dashlane.
LastPass Teams is an ideal choice for those companies who prefer cloud-based solutions over desktop applications. Despite being web-only LastPass Teams provides the same military-grade encryption as its counterpart for personal users does – with some extras catering towards businesses.
All users have access to their own LastPass vault that is protected by a unique master password. All of a user’s passwords, credentials and forms can be safely stored here, and of course shared with securely with team members. Meanwhile admins have access to all of the above, but can also add or remove users, set up security policies and check automatically generated reports.
LastPass Teams is $2.42 per user per month and it provides standard security policies and basic reporting. However, by upgrading to LastPass Enterprise ($4 per month per user) there are additional two-factor authentication options, advanced security policies and reporting, directory integration and even API access.
Although Dashlane requires a desktop application, it is still a handy password manager with many top-notch features. The user-friendly accounts are not only equipped with features like the Password Changer, emergency sharing, auto-fill and -login, and data backup, but are also capable of separating personal credentials from business related ones.
Dashlane Business users will make use of all features of Dashlane Premium, such as the patented encryption method and built-in two-factor authentication (via the mobile app) but, unlike Premium, Dashlane Business provides automated data syncing across multiple platforms and even allows users to share an unlimited amount of passwords. Admins can easily manage the company’s security policy and share passwords from the simple dashboard where the overall security score of the company’s password vault is also displayed.
Webinar on the Use of Dashlane Business
Dashlane Business subscriptions start from $8 per month (for at least two users), and come with a 30-day free trial.