Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Top password managers compared

Maria Korolov | Feb. 3, 2015
Unless you're living off the grid in a cabin in the woods -- and, if you're reading this, you're probably not -- you have more passwords than you can manage. They're all supposed to be long, complicated, unique, and difficult to guess. Oh, and you're supposed to change them all every three to six months.

The one thing missing is the ability to use Dashlane to log into standalone iPhone and iPad apps, though that is a problem for all password managers.

In fact, Apple only recently allowed third-party extensions to its mobile Safari app to allow password managers to fill in online passwords. Previously, iOS users had to open up their password manager apps, look up their passwords and copy-and-paste them into the form fields.

LastPass 

LastPass used to be my top recommendation, and is the system I currently use.

The company has an enterprise version, with Active Directory sync, configurable management policies, onboarding, offboarding and provisioning, and single sign-on for many popular cloud applications, including Office 365, Google Apps, Salesforce, Wordpress, and others.

It supports both software and hardware multifactor authentication, such as the YubiKey USB keyfob, toopher, and Duo Security.

Plus, LastPass throws in free credit monitoring, will generate one-time passwords for use at untrusted computers or networks, and will change your passwords for you.

LastPass has more than 10,000 corporate customers ranging in size all the way up to the Fortune 500, according to spokeswoman Cid Ferrara.

Prices range from $24 per user per year down to $18 with a volume discount.

Like Dashlane, LastPass offers to save passwords as you log into new sites. This could be an issue if the password management software is provided by the employer, and the employees are logging into personal sites.

"Care must be taken that users do not enter private personal information, such as banking logins as the company may face increased legal liability," said Randy Abrams, research director at Austin, Texas-based NSS Labs, Inc.

LastPass has a solution to this.

It offers a unique feature, the ability for employees to link their personal and company LastPass accounts, allowing easy access to both, but letting the company manage only the corporate ones.

When the employees leave their jobs, the company can wipe all the work logins — and the personal passwords stay untouched.

I use the personal version, and find the interface clunky and uncomfortable to use and will probably be switching to Dashlane once my annual subscription expires later this spring.

For example, in LastPass, the feature to change your passwords requires that you edit each site's entry, individually, and ask LastPass generate a new password for it. It still saves a little bit of time compared to having to log into each site and navigate around to change its password, but is not as convenient as DashLane's one-click that resets all passwords at once.

For corporate deployments, however, LastPass is the strongest contender.

KeePass 

Many of our readers, however, will probably prefer KeePass for individual use.

 

Previous Page  1  2  3  4  5  Next Page 

Sign up for CIO Asia eNewsletters.