Type to search


5 Essential Features for Password Managers

Avatar photo

James DeHoniesto
Director of Business Tech Optimization SSD Technology Patners

You wouldn’t ask Anne in accounting or Sam in sales to configure your firewalls, install an encryption solution or apply security patches. Yet most companies consistently make regular employees responsible for one of the most critical pieces of security – the password.

Spoiler alert: It doesn’t work very well.

Despite greater focus on improving security awareness in the workplace, poor password practices continue to undermine data protection. More than 80 percent of all confirmed data breaches involve weak, default or stolen passwords, according to Verizon’s 2018 Data Breach Investigations Report.

There is a better way. Simple and effective password management solutions can boost security by eliminating the burden on end-users to create, type, change and remember passwords.

Password managers encourage safer practices by allowing users to create and store unique passwords for all their accounts. Most work by encrypting a list of passwords with a single master password that only the user knows. The best also include a built-in password generator that ensures passwords are complex, difficult to guess and changed frequently.

There are a variety of password managers available, ranging from low-cost and even free consumer-grade solutions to advanced enterprise-grade solutions. They can come in the form of installed software applications, locally accessed hardware devices or as online services accessed via web portals. They are all fairly easy to use.

LastPass, Dashlane, Keeper and Zoho Vault are among the many password managers with free editions. However, most free versions come with some restrictions. They generally limit the number of passwords that can be stored, the amount of encrypted file storage available and the number of devices that can be used. The professional editions of these solutions offer more robust features, including AES-256 encryption, salted hashing, two-factor authentication and a random password generator.

Forrester Research says you should look for these core capabilities when evaluating password managers:

Secure storage of passwords and private information. The solution should provide a secure vault of password information, either locally or in the cloud for easier mobile access. The vault enables autofilling of credentials across devices and can enforce other requirements such as password complexity and password rotation.

Support for both personal and business password vaults. The ability to quickly switch between work and personal vaults discourages password reuse. This also allows security teams to enforce stronger password policies for work accounts and users to still access their personal passwords after leaving the organization.

Multi-device syncing. This allows you to use a single account across office and home desktop computers, laptop, tablet and mobile phone. Any password changes are synchronized to all of your linked accounts in real time, reducing the time and trouble of submitting help desk reset requests.

Centralized management.  An administrative console will make it much easier to deploy, manage and monitor password managers across the organization. The console will allow administrators to create roles and teams, enforce management policies, invite and enroll new users, and offboard users without risk of losing critical business information.

Application integration. Many solutions also include dedicated APIs that administrators can leverage to secure passwords embedded in app-to-app connections, scripts and other locations across platforms.

Passwords have long been an essential security tool, but password overload is limiting their effectiveness. Users are being asked to adopt more and more complex passwords, avoid reusing them and change them frequently. Password managers can relieve users of much of this responsibility and deliver a more sophisticated and practical solution.


Get the free DBT email newsletter  

Follow the people, companies and issues that matter most to business in Delaware.

Avatar photo
James DeHoniesto

James has worked in IT for over 25 years. He is focused on Cyber Security and Business Technology Optimization (BTO) for SSD Technology Partners headquartered in Wilmington, Delaware. James’ goal is to ensure SSD’s clients secure their environments using practical application of current technologies and raising overall awareness of existing security risks. He also helps organizations identify the most effective technology strategies they should pursue to meet their overall business objectives utilizing existing IT resources. Leading the Custom Development team at SSD allows him the opportunity to ensure business applications are focused on user experiences while maintaining a level of security commonly overlooked when custom software is created.

  • 1

You Might also Like

Leave a Comment

Your email address will not be published. Required fields are marked *

Premier Digital Partners

© 2024 Delaware Business Times

Flash Sale! Subscribe to Delaware Business Times and save 50%.

Limited time offer. New subscribers only.

Limited time offer. New subscribers only.


Subscribe to Delaware Business Times and save 50%