5 things you need to consider before buying a password manager


The best password manager is whichever one suits your needs. Every business will have its unique criteria: some will look for the best free password manager, some for the best business password manager, and for others it would actually make more sense to explore the best password generators on the market.

Password managers are a great way of prioritizing your internet security and privacy. They allow you to create unique and complex passwords of adequate length for each user account. A study conducted by NordPass reveals that an average internet user has more than 100 online accounts, making it impossible to avoid password reuse without a password manager.

With so many exceptional paid password managers available, it can be challenging to determine which one is the best fit for your needs. In this piece, we’ll delve into the five critical factors to remember when selecting a password manager.



1. Do I want my vault stored in the cloud or on my device? 

Your password “vault” is where all your passwords are stored. There are two ways to store your vault: on the device or on a cloud server.

You might think you would prefer on-device storage over cloud storage, and there are definite advantages to this approach. For instance, when your passwords are stored on your device, you don’t have to worry about data breaches affecting the provider’s cloud storage services or whether your information is being transmitted and stored correctly.

RoboForm is one of the few password managers that allows you to store your passwords on-device only, without any cloud intervention. In contrast, Sticky Password enables you to sync devices over local Wi-Fi. 

On the other hand, if your device is lost or stolen, you’ll lose all your passwords, too, with no way to recover them. It can also make it more challenging to sync passwords across devices or move all your information to a new one. 

With cloud storage, the reverse is true: your passwords can be quickly recovered if you lose access to your device(s), but there are additional security concerns. Most password managers boast heavy-duty encryption in their cloud servers, and the best ones will encrypt your data on-device before it’s even transmitted to their servers. Dashlane is one such password manager. 

2. How important is zero-knowledge storage to me? 

Zero-knowledge refers to policies and architecture that eliminate the possibility of a password manager's provider accessing your passwords. Remember, just because your data is encrypted on a provider’s server doesn’t mean they can’t access it, only that they don’t.

This is why some password providers employ zero-knowledge architecture, which eliminates this possibility by design. Keeper is an example of a robust password manager that obeys this principle. “The plaintext version of the data is never available to Keeper Security employees nor any outside party,” explains their website. “In the unlikely event Keeper was hacked, the attackers could only possibly access the worthless ciphertext.”

However, the technology is not without its limitations. First, building such architecture is tough, so companies don’t always get it 100% correct. More than one provider has admitted that they overlooked an unlikely but possible scenario in which their zero-knowledge policy could be compromised.

Second, it makes some of the most convenient features of password managers, like inheritance and automatic password updating, difficult or impossible to offer. Keeper, for example, refused to implement inheritance until they could do so within a zero-knowledge framework, and nobody has yet managed automatic password updating in this context.
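The on-device encryption mentioned in section 1 and the zero-knowledge design described above, as an added example (not code from any product named in this article): the vault is encrypted with a key derived from the master password before upload, so the provider stores only ciphertext. The function names, scrypt parameters and sample data are assumptions made for illustration.

```javascript
// Added example: client-side vault encryption (Node.js built-in crypto only).
const nodeCrypto = require("node:crypto");

const KDF = { N: 2 ** 14, r: 8, p: 1 }; // scrypt cost parameters (assumed values)

// Derive a 256-bit key from the master password; this runs only on the device.
function deriveKey(masterPassword, salt) {
  return nodeCrypto.scryptSync(masterPassword, salt, 32, KDF);
}

// Encrypt the vault locally. The returned record is all the provider receives.
function sealVault(masterPassword, entries) {
  const salt = nodeCrypto.randomBytes(16);
  const iv = nodeCrypto.randomBytes(12);
  const key = deriveKey(masterPassword, salt);
  const cipher = nodeCrypto.createCipheriv("aes-256-gcm", key, iv);
  const ct = Buffer.concat([cipher.update(JSON.stringify(entries), "utf8"), cipher.final()]);
  return {
    salt: salt.toString("base64"),
    iv: iv.toString("base64"),
    tag: cipher.getAuthTag().toString("base64"),
    ciphertext: ct.toString("base64"),
  };
}

// Decrypt on the device. A wrong password or a modified record fails the
// GCM authentication tag check, and decipher.final() throws.
function openVault(masterPassword, record) {
  const b = (s) => Buffer.from(s, "base64");
  const key = deriveKey(masterPassword, b(record.salt));
  const decipher = nodeCrypto.createDecipheriv("aes-256-gcm", key, b(record.iv));
  decipher.setAuthTag(b(record.tag));
  const pt = Buffer.concat([decipher.update(b(record.ciphertext)), decipher.final()]);
  return JSON.parse(pt.toString("utf8"));
}

// Constructed sample data and a stand-in for the provider's storage.
const sampleEntries = [{ site: "example.com", user: "alice", password: "constructed-sample-pw" }];
const providerStore = new Map();
providerStore.set("alice", sealVault("correct horse battery staple", sampleEntries));

// Everything someone with full access to the provider's storage can read.
function providerView(user) {
  return JSON.stringify(providerStore.get(user));
}
```

Because the key exists only on the device, a forgotten master password leaves the stored record undecryptable, which is the recovery trade-off discussed in section 3.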

3. What kind of recovery options do I want? 

The main disadvantage of using a password manager is that if you forget your master password, your data may be irrecoverable. Different password managers have approached this in different ways. 

LastPass, for example, allows you to generate a one-time password to access your vault and reset the password, though you’ll need access to the email address you used to make your account. However, that convenience means looser security, as anybody with access to your email address can gain access to all your user accounts.

Alternatively, 1Password allows for account recovery by a team administrator (for businesses) or family organizer. These individuals need only start the recovery process from the admin dashboard, and an email will be sent to the user to reset their password. Dashlane has a similar recovery process.

For single users, however, it’s more complicated. If you have biometric access on a device, you may be OK, but often, losing a master password means starting over. You’ll need to check out what kind of recovery options each manager offers and which gives you the right balance of convenience and security for your situation. 

4. What about device compatibility and browser plugins? 

Device compatibility is another important factor when choosing a password manager. Not all managers are compatible with all devices.

This is especially important if you’re purchasing a password manager for a business setting, particularly if multiple users will be using different devices and if you’re supporting remote workers and Bring Your Own Device practices. In this situation, you may need a Linux-compatible manager, like NordPass.

Also, ensure that whichever password manager you opt for includes a browser plugin for your preferred browser. This isn’t too much of a problem nowadays, as most password managers have a robust plugin for major browsers. If you use a less popular one like Opera, your choices will be more limited. If you’re purchasing for a multi-user business setting, consider that team members may use different browsers.

5. Is this for my personal or business use? 

Again, your decision may vary based on the setting in which you intend to use the password manager: personal or business.

For a business setting with multiple users, it’s essential to find software with good user management features, like user groups and secure password sharing. Dashlane and Keeper, for example, have robust multi-user features, including a centralized administrative dashboard for creating user groups, assigning permissions and passwords per group or role, and supporting unlimited devices.

IT managers will want to ensure safe practices among employees, which the right password manager can help with. Additional security features, like a strong password generator, password auditor, and dark web scanning, can all help keep enterprises safe. 

Conclusion 

The security of your user accounts and online information can be greatly improved by investing in a good password manager. No two services are alike, so be sure to do your research and consider these five important questions before making any decisions. All the password managers mentioned in this article have different features and are considered to be among the best on the market. 

Christian Rigg

Christian is a freelance writer and content project manager with 6+ years' experience writing and leading teams in finance and technology for some of the world's largest online publishers, including TechRadar and Tom's Guide.
