Password managers?

HI guys

In our IT department, we would like to better be able to store our network passwords somewhere? At the moment, they're in a password protected document.

Is this how you guys do it? Are there password managers that are much better to use and something you guys have come across?

Cheers
Yashy
LVL 1
YashyAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Thomas GrassiSystems AdministratorCommented:
We use KeePass

KeePass is OSI Certified Open Source Software

Works on all  Platforms

Have on my iPhone and iPad also


Site

http://keepass.info/
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Seth SimmonsSr. Systems AdministratorCommented:
i use keepass at home also; works great

at the office, folks use password safe

http://passwordsafe.sourceforge.net/
0
FirstcomCommented:
We use Password Safe. Which is open source as well. It can be found here... http://pwsafe.org/
0
How do you know if your security is working?

Protecting your business doesn’t have to mean sifting through endless alerts and notifications. With WatchGuard Total Security Suite, you can feel confident that your business is secure, meaning you can get back to the things that have been sitting on your to-do list.

Bryant SchaperCommented:
We use lastpass. Phone app is nice too
0
Thomas Zucker-ScharffSolution GuideCommented:
I use and recommend roboform2go. But a business may want to look into cyberark.

The reason I like roboform2go, is that it stays with me on my stick.  I have a subscription to roboform everywhere (where it stores passwords on the web with double encryption), but  only use it to sync my passwords with my phone and ipad, then I delete all passwords stored on the cloud.
0
dbruntonCommented:
Another vote for Keepass.
0
David PiniellaCommented:
lastpass, lets you share logins without sharing passwords, lets you do groups and revocation and prestage shared passwords and notes (for things like procedures instead of just pain passwords)
0
Thomas Zucker-ScharffSolution GuideCommented:
I've used Dashlane and Passwwordbox as well.  Both have their pros/cons.  Forinstance the reason I have passwordbox at all is becasuse they bought out Legacy Locker which is now incorporated into the manager as "Legacy".  It is a way to share passwords in case of your death.  What happens to your passwords (especially if you are like me and have literally hundreds) and identities and online profiles?  Legacy lets you designate someone who will receive that information when they can produce a death certificate (among other things).  The biggest problem for me is that it seems like it is storing the passwords in the cloud (since it is basically a browser plugin.  But it has passwords, wallet, safe notes, sharing, legacy, a a generator.

Dashlane is another option.  I was an original beta tester for this one and do like it, one of the biggest pros is that it will notify you if there are breaches well in advance of anyplace else.  It also has a great security manager which rates your passwords and helps you make them better.  It will tell you which ones are used more than once and how many times as well as telling you which passwords are bad/poor/okay/good/better/best (I may not have gotten the categories exactly correct, but you get the idea).

While Passwordbox's import facility for roboform passwords and safenotes worked fairly well, Dashlane has a few problems with the same import.
0
Dr. KlahnPrincipal Software EngineerCommented:
Slightly off topic:  Do be aware that using a password manager doesn't remove the threats of keystroke loggers, scree captures or RAM sniffers stealing passwords.
0
Carlos IjalbaSenior SysadminCommented:
My vote goes for Keepass:

It plugs in with PuTTY, so you can open a putty session directly from keepass, as well as websites, and RDP sessions, very handy.

It's portable, so good for out of hours support personnel.

We use it at work as our main systems DB as well (kindda CMDB), not just to keep passwords,
0
David Johnson, CD, MVPOwnerCommented:
I use lastpass with yubikey this way I have 2 factor authentication.
0
Natty GregIn Theory (IT)Commented:
If I was to trust any password keeper it would be keepass
0
David Johnson, CD, MVPOwnerCommented:
Security Expert Steve Gibson has evaluated many password managers and so did the USENIX security team and lastpass is the one he uses.  LastPass fixed the vulnerabilities that the security researchers found.. Keeppass wasn't even mentioned.

https://www.grc.com/sn/sn-467.pdf
https://www.usenix.org/system/files/conference/usenixsecurity14/sec14-paper-li-zhiwei.pdf
0
dbruntonCommented:
The USENIX evaluation was on web based password managers.  Keepass isn't web based.  The Keepass application is local while the database can be anywhere else that the app can access.
0
Carlos IjalbaSenior SysadminCommented:
Keepass has certificate and password security,therefore 2 factor authentication.
0
hulseboschSystem administratorCommented:
Here's another vote for keepass.
0
YashyAuthor Commented:
Hey guys,

Thanks for your input and help on this. Sounds like Keepass is getting the vote here.

Thank you Thomas Zucker-Scharfff for your input regarding Dashlane and Passwwordbox and David Johnson also, I greatly appreciate the feedback also.
0
Thomas Zucker-ScharffSolution GuideCommented:
sure
0
Mathias AltenslebenCommented:
We also use keepass. It's very simple to use. Just place the kdbx-file on a Share, where everyone of the IT-Department has access.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Network Security

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.