Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Best tools for protecting passwords

David Strom | Sept. 4, 2013
Passwords are a security weak link, but these products help shield passwords from attackers

The Enterprise version of RoboForm includes the ability to recover any of your user's master passwords, because they are stored encrypted on a network share. This is something most of its competitors currently lack. It also has the ability to bulk import Active Directory users to help with the initial setup.

TrendMicro DirectPass  
Like the other consumer-grade tools, DirectPass has no enterprise management features. It also had the fewest overall features and the most issues in its use, and we would recommend that you wait until its next release before seriously evaluating it. For example, of the six products tested, it was the only one that didn't include a password generator. Trend promises to include this feature in its next release. Instead, it just captures logins from when you bring up a Web browser session. There is no way to manually add the website and its associated password to a separate list.

DirectPass synchronizes your vaults through its own cloud-based service, which is simple. Its vault can contain text files and also general Web form data. You can force the synch through buttons on the interface, or it should automatically do so when you bring up the software.

We had problems using DirectPass with our Pro Preview version of Windows 8.1. It worked fine with XP or on our iPhone. It took an hour before all the identity listings and notes were initially synchronized but thereafter the sync happened pretty much in real time.

Also, the capture dialog on Windows 8.1 would appear at the same time the browser-based "save this login" message would appear. Trend acknowledges all of these items and is working on fixing them and making an updated client available when Windows 8.1 is released later this fall.

The good news is that it supports Windows from XP-SP2 up to and including the original version of Windows 8 and on both 32 and 64 bit versions. It is also available for Android (running at least v2.3) and iOS (running at least v4.3). DirectPass has a simple pricing plan: $15 per user per year. You can use it free if you just want to save at most five passwords with the tool.

How we tested password managers
We installed each product on a Windows 7 or a pre-release version of Windows 8.1 desktop. We also used Android and iOS phones and Mac desktops (if a client was available for these systems) as well as Windows servers, and various Web-based services such as Dropbox, Gmail, and a Wordpress blog site to test these logins.

We connected to the various websites with at least Firefox and Chrome browsers to try out the associated plug-ins, too. When there was a cloud-based service available to synchronize our password vault, we signed up for that service and observed whether our password data was propagated across to the various clients. We also took notes on the relative differences in the clients across different OSs both in terms of functionality and user interface.

 

Previous Page  1  2  3  4  5  6  7 

Sign up for CIO Asia eNewsletters.