At TechRepublic, we pride ourselves on bringing our readers comprehensive and fair reviews of password manager software they may invest in. To do so, we believe it’s necessary to share the process by which we evaluate password managers, what criteria and subcriteria they’re graded on and how all these aspects add up to a final star rating.
SEE: Brute Force and Dictionary Attacks: A Guide for IT Leaders (TechRepublic Premium)
We utilize an in-house algorithm that’s built upon five categories: pricing, core password management features, ease of use, customer support and expert analysis. Each area is then weighted to account for how relevant it is to our audience of technology buyers and users.
While our algorithm is subject to change, these categories serve as the main pillars by which we evaluate each password manager. For readers who may disagree with our criteria, we encourage you to utilize our methodology as a way to calibrate your own opinions on what makes a good password manager for you.
Below is a breakdown of how we review password managers.
Pricing accounts for 25% of our total score for password managers. This category consists of subcriteria that include, but are not limited to:
Core password manager features, such as vault encryption and autofill, account for 35% of our total score. This category comprises subcriteria that include, but are not limited to:
Ease of use accounts for 15% of our total password manager score. This category consists of subcriteria that include, but are not limited to:
Customer support accounts for 15% of our total password manager score. This category comprises subcriteria that include, but are not limited to:
Expert analysis accounts for 10% of our total password manager score. This category consists of subcriteria that include, but are not limited to:
To get an all-around view of each password manager we review, we prioritize analysis gained through in-house and hands-on user testing. We also supplement our findings through product demos and verified customer feedback on sites that include, but are not limited to:
Selecting the best password manager for your business will largely depend on looking at your business’ particular set of needs and circumstances. But with data as sensitive as passwords, there are key factors to consider to keep company resources secure and safe from bad actors.
Password managers store an organization’s most essential credentials. Thus, it’s critical to prioritize security when choosing a password manager solution.
To start, look into whether a prospective password manager has been involved in any sort of security breach. Password managers that have had data breaches involving customer data, such as passwords or URLs visited, are red flags and aren’t worth the risk. Ideally, you want a password manager that has a clean record of keeping customer data secure at all times.
SEE: LastPass Review 2024: Is It Still Safe and Reliable? (TechRepublic)
We also want a password manager that subscribes to zero-knowledge principles. This means the provider has zero access to your unencrypted passwords, and only the end user ever knows or has access to master passwords, logins and other important credentials.
Finally, go for a password manager that offers a range of multi-factor authentication options. MFA adds a layer of security to your business’ vault, as it requires more information from the end user to access their passwords. With this, hackers will have a harder time cracking password vaults — even if they were able to steal a single password or credential.
Another consideration is whether you want a password manager that stores data in the cloud or in local storage. At times, this will depend on your business’ structure.
For example, larger organizations that work with remote workers may want to opt for a cloud-based password manager. This allows for easy storage, syncing and accessing of passwords within the company.
On the other hand, local password storage may benefit organizations that are wary of cloud storage breaches or cyberattacks. Local password storage could also be more convenient for smaller teams that are able to share passwords from a single local device or server.
Fortunately, there are password management solutions that cater to all business sizes. For smaller businesses, many consumer password managers have Teams and Business plans that offer robust security and accessibility features. Examples of such features include simple password sharing and password health reports within the app itself.
SEE: Bitwarden vs 1Password (2024): Password Manager Comparison (TechRepublic)
However, if you’re a larger organization, it’s wise to look into password managers tailor-made for enterprises and big businesses. These solutions are capable of handling hundreds of users, provide granular access controls and include password enforcement mechanisms for IT teams and departments.
You also have the option between open source and proprietary password management solutions.
Open source password managers have publicly available source code, making it easier for community members to spot vulnerabilities and prevent exploits. They’re also generally more affordable and have secure free plans as well. The downside is that open source options may require technical expertise to deploy and can lag behind proprietary solutions in terms of customer support.
On the other hand, proprietary password managers have more established software with generally more intuitive user applications. Customer support is also given higher priority, with options for 24/7 live chat and accessible online ticketing systems. The trade-off when choosing the proprietary route is less transparency and more expensive subscription prices.