We decided to review Pure, which is Kaspersky's security suite. Pure includes a variety of tools, including anti-spam, backup, parental controls, data encryption, advanced browser protection and password manager. This latter module does synchronize passwords using the cloud-based accounts maintained on Kaspersky's website.
The Pure password manager covers the basics well, with a complex password generator and options to close the vault automatically after the PC has been idle. You can also store text notes and contact information in the vault.
Pure also has modules that improve browser security, and this is probably more of a reason to purchase it than just for password protection and management. For example, the SafeMoney module sets up protected browser sessions for online banking and ecommerce sites, and another module can securely erase your browser history or analyze your Internet Explorer settings.
Pure will run on Windows 8 in addition to earlier versions back to Vista. The password manager module is only for 32-bit PCs, however. On the other hand, there is a long list of supported browsers, some of which we have never even heard of. Given its Windows-focus, this means that the synchronization feature is of limited value since you can't transport your vault to your smartphone or move between Macs and Windows PCs. Pure is priced at $65 for licensing on up to three PCs.
LastPass is an enterprise-grade product that comes with a separate management console. This software is Web-based, which is also a nice touch. It comes with the widest collection of clients supported, ranging from Windows (including both 32-bit and 64-bit and from XP to Windows 8) to various smartphones. There is also a Web client where you can view your password vault contents. It also combines the best features of a consumer product with a solid enterprise flavor.
The best enterprise security products have flexible policy creation and administration tools, and this is the case here. For example, you can set up a policy to override the default auto logoff protections for PC shutdown, or when in screensaver mode, or when idle, or when the computer is locked. There are dozens more policies to choose from, including support for multifactor tokens such as Yubikey, its own "Sesame" tool, and Google Authentication one-time passwords. You can also strengthen your online access to your vault by restricting access to specific countries, and excluding any access from anyone using the Tor file-sharing network.
You can also federate your LastPass logins across other cloud services such as Wordpress, Salesforce.com, Box and others using SAML. There is a long list of potential notifications that can be setup, including users who have a certain number of duplicate or blank passwords. These come with pre-written warning messages that can be easily customized for your circumstances. The tool also has a few simple reports available from the admin console. There is API access to its reporting engine, which is a nice touch.
Sign up for CIO Asia eNewsletters.