At TechRepublic, we pride ourselves on providing our readers with comprehensive and fair reviews of password management software they can invest in. To do so, we believe it is necessary to share the process by which we evaluate password managers, what criteria and sub-criteria they are scored. and how all of these aspects add up to a final star rating.
SEE: Brute force attacks and dictionary: A guide for IT leaders (TechRepublic Premium)
We use an internal algorithm that is based on five categories: pricing, top password management features, ease of use, customer support, and expert analysis. Each area is then weighted to take into account its relevance to our audience of technology buyers and users.
1
Dashlane
Employees by company size
Micro (0-49), Small (50-249), Medium (250-999), Large (1000-4999), Business (5000+)
Micro (0-49 employees), small (50-249 employees), medium (250-999 employees), large (1000-4999 employees), enterprise (5000+ employees)
Micro, Small, Medium, Large, Enterprise
Characteristics
Automated provisioning
2
ManageEngine ADSelfService Plus
Employees by company size
Micro (0-49), Small (50-249), Medium (250-999), Large (1000-4999), Business (5000+)
Any size of company
Any size of company
Characteristics
Multi-factor authentication, password management, reporting and analytics, and more
While our algorithm is subject to change, these categories serve as the main pillars by which we evaluate each password manager. For readers who may not agree with our criteria, we encourage you to use our methodology as a way to gauge your own opinions about what constitutes a good password manager for you.
Below is a breakdown of how we review password managers.
Prices (25%)
Price accounts for 25% of our total score for password managers. This category consists of sub-criteria including, but not limited to:
- Multiple subscription options.
- Accessible free trial.
- Free plan.
- Prices relative to the competition.
- Value for money.
Top Password Management Features (35%)
The password manager's core features, such as vault encryption and autofill, account for 35% of our total score. This category comprises sub-criteria that include, among others:
- Number of multi-factor authentication options.
- The company is not involved in any type of security breach.
- Encryption.
- How the company stores and protects user data.
- Password capture and playback.
- Password generator.
- Password autofill capabilities.
- Share password and emergency access.
- Single sign-on.
- Vault entry without password.
- Easy account change.
- Encrypted vault backups; import and export.
- Integrated browser extension.
Ease of use (15%)
Ease of use accounts for 15% of our total password manager score. This category consists of sub-criteria including, but not limited to:
- Mobile app experience.
- Ease of use of mobile and desktop interfaces.
- Installation and configuration process.
- Interface design.
Customer service (15%)
Customer support accounts for 15% of our total password manager score. This category comprises sub-criteria that include, among others:
- Number of support offerings available (email, live chat, phone).
- Response time to customer queries.
- Help resources (tutorials, guides, other resources).
- User feedback on customer service experience.
Expert analysis (10%)
Expert analysis accounts for 10% of our password manager's total score. This category consists of sub-criteria including, but not limited to:
- Personal experience with one's own password manager.
- Ease of product research, including demonstrations, documentation and proprietary material to verify features.
- Presence of outstanding features that are not found in other options.
Our Password Manager Evaluation Research Methods
To get a complete view of every password manager we review, we prioritize analysis gained through internal and hands-on user testing. We also supplement our findings through product demonstrations and verified customer reviews on sites including, but not limited to:
- Community forums.
- Gartner Peer Insights.
How do I choose the best password manager for my business?
Selecting the best password manager for your company will largely depend on analyzing your company's particular set of needs and circumstances. But with data as sensitive as passwords, there are key factors to consider to keep company resources secure and safe from bad actors.
Prioritize safety above all else
Password managers store an organization's most essential credentials. Therefore, it is essential to prioritize security when choosing a password manager solution.
To start, find out if a possible password manager has been implemented. involved in any type of security breach. Password managers who have experienced data breaches involving customer data, such as passwords or visited URLs, are red flags that are not worth the risk. Ideally, you want a password manager that has a clean record of keeping customer data secure at all times.
SEE: LastPass 2024 review: Is it still safe and reliable? (Technological Republic)
We also want a password manager that subscribes to zero knowledge principles. This means they don't have access to your unencrypted passwords, and only the end user knows or has access to master passwords, logins, and other important credentials.
Finally, opt for a password manager that offers a variety of multi-factor authentication options. MFA adds a layer of security to your company's vault by requiring more information from the end user to access their passwords. This will make it harder for hackers to crack password vaults, even if they could steal a single password or credential.
Cloud vs. Local Password Storage
Another consideration is whether you want a password manager that stores data in the cloud or on local storage. Sometimes this will depend on the structure of your business.
For example, larger organizations that work with remote workers may opt for a cloud-based password manager. This allows for easy storage, synchronization and access to passwords within the company.
On the other hand, local password storage can benefit organizations that are wary of cloud storage breaches or cyberattacks. Local password storage might also be more convenient for smaller teams that can share passwords from a single device or local server.
Consider the size of the company
Fortunately, there are password management solutions to suit businesses of all sizes. For smaller businesses, many consumer password managers have Teams and Business plans that offer strong security and accessibility features. Examples of such features include simple password sharing and password status reporting within the application itself.
SEE: Bitwarden vs 1Password (2024): Password manager comparison (TechRepublic)
However, if you are a larger organization, it is advisable to look for password managers tailored for enterprises and large businesses. These solutions are capable of handling hundreds of users; provide granular access controls; and include password enforcement mechanisms for IT teams and departments.
Weigh Open Source Password Managers Versus Proprietary
You also have the choice between open source and proprietary password management solutions.
Open source password managers have publicly available source codes, making it easier for community members to detect vulnerabilities and prevent exploits. They are also typically more affordable and have secure free plans. The downside is that open source options may require technical expertise to implement and may lag behind proprietary solutions in terms of customer support.
On the other hand, proprietary password managers have more established software with generally more intuitive user applications. Customer support is also a higher priority, with 24/7 live chat options and accessible online ticketing systems. You'll face less transparency and more expensive subscription prices by choosing the proprietary route.