As the threat of cybercrime intensifies, it’s never been more important to keep passwords safe. Over the past year, savvy criminals have been leveraging the uncertainty caused by the pandemic and the rise in remote work to breach user credentials like never before — according to the 2020 Microsoft Digital Defense Report, 70% of cyber attacks now take the form of credential phishing and BEC (business email compromise).
Secure passwords form the most basic foundation of cybersecurity, yet so many of us are still guilty of using the same password across multiple accounts or relying on easy-to-guess options. One of the most common excuses for this is the difficulty of remembering multiple complex passwords. When trickier combinations are used, the problem lies in how to keep track of passwords safely.
Poor password security can result in credentials being breached and sold on the dark web, where criminals will leverage them for activities like credential stuffing, which targets users who reuse a password on multiple accounts. This is easily remedied by password managers, which offer the best place to store passwords online safely.
What is a password manager?
A password manager is an application that securely stores your credentials for multiple online accounts. If you’re wondering, “Is password storing online safe?”, the answer is yes — if done correctly. A good management tool will provide the option to auto-generate strong passwords, which are then stored in an encrypted database protected by a master password. This, in turn, should be secured using multi-factor authentication (MFA), which demands an additional form of authorization beyond your password, such as a fingerprint scan or a code sent to your phone.
Since they offer the best way to store passwords securely, password managers are an essential tool for growing SMBs. By making it easy to store usernames and passwords, they encourage the use of complex passwords and prevent employees from storing credentials in unsecured locations, such as on post-it notes or in Word documents.
Most password managers offer a limited free version, but businesses can benefit greatly from multi-account, paid options. These allow for secure password sharing and company-wide password management, which is great for setting master password complexity rules, changing passwords, and controlling access to sensitive information.
What is a good app to store passwords?
Now we’ve established how to store passwords safely, let’s take a look at which password manager is the best fit for your business. We’ve done a comparison of four of the best-known and most trustworthy tools: 1Password, LastPass, DashLane, and Keeper, so you can decide where to save passwords for your online accounts.
Screenshot: 1password
1Password (Jasco’s pick!)
At Jasco, we recommend 1Password as the best way to save passwords. It can sync your credentials across multiple devices and platforms — including mobile, browsers and applications — ensuring secure logins no matter where you are.
1Password also offers the best way to manage passwords through its “vaults” function. Vaults can be assigned to specific teams to segment password sharing — for example, bank information can be shared solely with Finance, software passwords can be shared with IT, and your MSP and other third-parties can be given access purely to the accounts they need, which reduces your exposure.
As well as facilitating secure password sharing and administration, 1Password protects users against breaches such as from phishing attempts, scans the dark web for stolen credentials, and can be linked to authenticator apps to enable MFA for the most secure way to store passwords. While there is no free version, most business users typically require the managerial controls of paid options on every tool.
Overview
Key features
- Access on all devices and major operating systems (Mac, iOS, Windows, Android, Linux, and Chrome OS)
- Unlimited shared vaults and item storage
- Multi-Factor Authentication for an extra layer of protection
- 24/7 email support and VIP support for higher plans
- Unlimited passwords, items, and 1GB document storage
- 1Password Watchtower (dark web scan)
- 365-day item history to restore deleted passwords
- Travel mode available (removes sensitive vaults when you travel)
- Advanced encryption
Price plans
- Standard - $2.99/mo per user
- Teams - $3.99/mo per user
- Family - $4.99/mo per user
- Business - $7.99/mo per user
- Enterprise - custom quote
Trial
- Free trials range from 14-30 days for consumer plans, and 6 months for business customers
Cons
- No free plans
Screenshot: LastPass
LastPass
LastPass not only stores passwords securely, it can also store credit card details, addresses and more. As well as syncing passwords across multiple devices and supporting MFA, this password manager enables you to log into apps on your phone, which is great for securing your device should it ever get stolen. LastPass is often lauded for its free version, however upcoming changes will remove email support and force free users to choose between desktop and mobile devices, making it less functional.
Overview
Key features
- Access on all devices and major operating systems
- Multi-Factor Authentication
- Unlimited password storage on unlimited devices per user
- 24/7 email and live support
- Dark web monitoring for paid plans
- Security Challenge (analyzes password security)
- Free powerful and secure password generator
- The only app with feature-rich free version
Price plans
- Standard - $0 (free)
- MFA (new) - $3.00/mo per user
- Family - $4.00/mo per 6 users
- Teams - $4.00/mo per user
- Enterprise - $6.00/mo per user
- Identity (new) - $8.00/mo per user
Trial
- Free trials span 30 days for consumer plans and 14 days for business customers
Cons
- Lacking customer support service
Screenshot: Dashlane
Dashlane
Similarly to LastPass, Dashlane can encrypt and store a wealth of information beyond your passwords, such as delivery addresses and files. Its free option allows users to store passwords for up to 50 accounts, protected by MFA, while the paid version features alerts for breached credentials discovered on the dark web and a VPN for browsing securely via Wi-Fi hotspots. On the downside, Dashlane is one of the more expensive options for business users.
Overview
Key features
- Access on all devices and major operating systems
- Multi-Factor Authentication
- Up to 50 passwords for the free plan, the rest are unlimited
- 24/7 email and live support
- Dark web and credit monitoring with higher plans
- VPN and ID theft protection with higher plans
- Technical onboarding
Price plans
- Free - $0 (free)
- Premium - $3.99/mo per user
- Family - $5.99/mo for 5 users
- Teams - $5.00/mo per user
- Business - $8.00/mo per user
Trial
- 30-day free trial for business customers only
Cons
- No user activity report
Keeper
As one of the most premium options, Keeper does not offer a free version but multiple price points are available. This tool is rich in features, such as data breach and weak password monitoring, secure file sharing, MFA, and encrypted messaging for higher price plans.
Overview
Key features
- Access on all devices and major operating systems
- Multi-Factor Authentication
- Fingerprint and face ID login
- 24/7 customer support
- Encrypted file storage up to 100GB
- Data-breach monitoring, dark web monitoring, and encrypted messaging with higher plans
- Keeper DNA feature
Price plans
- Personal password manager - $2.91/mo per user
- Personal plus bundle - $4.87/mo per user
- Personal max bundle - $6.00/mo per user
- Family password manager - $6.24/mo per user
- Family plus bundle - $8.62/mo per user
- Family max bundle - $12.39/mo per user
- Business - $3.75/mo per user
- Enterprise - starting at $5.00/mo per user
Trial
- 30-day unlimited free trial for 1 device
Cons
- Expensive
A password manager is only one element of security
These tools are important for business password management, and using them for keeping passwords safe is a great first step to ensure you can track multiple, complex credentials. Alone, or without proper usage, however, they are not enough to secure your accounts.
Need help with cybersecurity?
If you’re looking to improve your organization’s cybersecurity, Jasco Technology is here to help. As well as offering comprehensive employee security training, we can carry out a dark web scan so you can secure any breached accounts right away. Contact us today to find out more.
It is often said that employees can be your weakest link or your strongest asset — and for good reason. A lack of security training can leave your staff vulnerable to credential theft. Users should be trained in the importance of strong passwords and the use of MFA as essential security measures for their password manager accounts. They should also be informed that if a password manager does not automatically fill in the details for a saved site, they may have been directed to a fraudulent phishing page.
Employee security training not only assists in the proper use of password managers. It can also increase awareness and vigilance toward attempted breaches such as phishing emails, and encourage your employees to report suspicious activity before it infiltrates your organization. Training can also reduce slip-ups like writing passwords on paper or leaving desktops logged in when unattended.