We’ve reached a point where password managers should no longer be considered optional. We need password managers to keep us protected from ourselves, from using lazy, weak passwords and for storing those secrets in a protected vault.
SEE: Mobile device security policy (TechRepublic Premium)
To that end, there are plenty of password managers to choose from, each of which will serve you better than trying to memorize all of your passwords or writing them down on a piece of paper.
But not every password manager is created equal. Just about any consumer can get away with using nearly any of the available tools. But if you’re a company that needs a password manager that can be shared between teams, your options are a bit more limited. You need to find the right tool for that task.
Fortunately, I have a shortlist of password managers that are perfectly at home being used by teams. Let’s take a look at what those applications and/or services are.
Bitwarden is one of my favorite password managers (and not just because it installs natively on Linux). With this open-source take on the password manager, you get all the bells and whistles you’re accustomed to (such as random password generator, cloud sync, favorites, categories, custom fields, folders, multiple account support, password send, import/export and more.
But Bitwarden also includes a feature that makes it an outstanding solution for teams: Collections, which makes it possible to share only specific passwords with certain teams. That means you don’t have to worry about every member of your team seeing all of your passwords. Instead, you create a Collection of passwords and then share it with a team. You can create multiple Collections and share each one with a different team. This feature alone places Bitwarden on the list. Combine Collections with a best-in-class interface that is user-friendly enough for anyone to use and you have a great password manager that is ready for your teams. Bitwarden has two plans: Business ($3/user/month for teams or $5/user/month for enterprise organizations) and Personal (Free, $10/year/user for individuals or Free, $3.33/user/month for families).
KeepPass might be purpose-built for individuals, but it does offer a file-locking feature that makes it very possible to use this tool for teams. Essentially, you store the vault on a network share and when someone has the vault open (unlocked) and someone else attempts to open the same vault, the second user will be prompted to either open the vault in read-only mode or open it in normal mode, thereby stealing the lock from the first user. This makes it possible to use KeePass for teams and not worry that someone will overwrite another team members’ work as they are making changes to an entry.
Besides this feature, KeePass does include the features we’ve all grown accustomed to in a password manager, such as support for all types of logins, master password protection, AES and Twofish algorithms, random password generator, portable version, import/export (import from TXT and CSV), search tool, and more. KeePass is free to use and can be installed on Android, iOS, Linux, macOS, and Windows.
1Password is built for individuals and teams. With both private and shared vaults, 1Password makes it possible to use a single tool for the entries you need to keep private and those you want to share with a team. Of course, 1Password contains all the standard features you need, such as a random password generator, favorites, categories, tags, custom fields, secure notes, Identities, modification dates, import/export, mobile and desktop apps, password strength monitor and more.
All of those features can be found in both the Private and Shared vaults. A shared vault is one that is accessible by your entire team. 1Password also includes a unique feature, called Watchtower, which keeps track of breach reports as well as monitors reused and weak passwords, unsecure websites, two-factor authentication, and expiring passwords. The Watchtower feature is a great addition for enterprise use cases (as well as business and personal). 1Password starts at $19.95 for a team starter pack for up to 10 users.
Hypervault was built specifically for businesses and teams and allows you to create workspaces, folders and entries of all kinds that can be shared with individuals and teams. One of the best features of Hypervault is that it is very IT-centric in that it not only allows you to store the usual information, but also allows you to store information such as ports, servers, IP addresses, licensing information, type, model, serial number, date of reception, OS, MAC address and notes. This makes Hypervault a great option for IT teams and even development teams.
Hypervault includes over 50 password templates (such as for logins, databases, API keys, devices, FTP, email, software licenses, computer accounts and networks). Of course, you can also create private vaults that your teams will not have access to. And with a very user-friendly web-based interface, anyone can get up to speed with Hypervault. Hypervault can be had for approximately $6.50/month/user for up to five users, $4.30/month/user for 6-50 users, or $4.13/month/user for over 50 users.
Passbolt is an open-source, web-based password manager that can be either deployed on-premises or as a hosted service via Passbolt. Passbolt works with a web browser extension to interface with the server.
Passbolt works a bit differently than your usual password manager. With this platform, you visit a website and then click the Passbolt icon in your web browser toolbar. You will be prompted to create the entry (although much of it will be auto-filled for you) and then you save it to your Passbolt vault. Once the password is saved, you can log into your vault and share the entry with teams. Or, you can simply work from within the web-based interface and manage your entire vault of passwords.
The Passbolt interface also allows you to easily create a team (aka group) and then add users to that team. Before a user can be added to a team, they must first activate their accounts (which is done via email). Passbolt can also be installed on various third-party cloud hosting providers, such as Kamatera and DigitalOcean, via their marketplaces. If you install Passbolt on your own services, you can use it for free. For the hosted option, it’s $32/month for 10 users or you can opt to go a highly custom route (which you must contact the company for more information).