Password Manager for a Small Remote Team?
March 12, 2019 1:21 PM Subscribe
We are a small business with an all-remote core team of 5-6 in need of a password manager. We work in Chrome, mostly on Macbooks, and currently have a shared Google Sheet that contains the logins, passwords, security questions, notes, etc, for about 50 accounts (e.g., MailChimp, Twitter, Insta). Obv not ideal.
I did read this post from a couple of years ago that mentions Last Pass Teams and 1Password, but it's an old post and unclear if the team is remote (if that even matters). Other posts are way older or don't have the same needs.
I'm a complete noob to this subject and can't wrap my brain around how a password manager for a remote team would work. Right now, we just reference the shared Sheet if we ever have login issues. If one of us updates the login information on an account, we update the shared Sheet. But of course sometimes that doesn't happen. For that, and (the priority) reasons of security, we need a better solution. We are 5-6 employees, but sometimes we also delegate some of things (e.g. MailChimp, Twitter) to our consultants some of the time, so that also needs to be considered.
We're seeking an affordable, cloud-based, secure and easy-to-setup-and-use solution. What can you recommend, and what are the things we should be keeping in mind?
I did read this post from a couple of years ago that mentions Last Pass Teams and 1Password, but it's an old post and unclear if the team is remote (if that even matters). Other posts are way older or don't have the same needs.
I'm a complete noob to this subject and can't wrap my brain around how a password manager for a remote team would work. Right now, we just reference the shared Sheet if we ever have login issues. If one of us updates the login information on an account, we update the shared Sheet. But of course sometimes that doesn't happen. For that, and (the priority) reasons of security, we need a better solution. We are 5-6 employees, but sometimes we also delegate some of things (e.g. MailChimp, Twitter) to our consultants some of the time, so that also needs to be considered.
We're seeking an affordable, cloud-based, secure and easy-to-setup-and-use solution. What can you recommend, and what are the things we should be keeping in mind?
LastPass Teams is built for this, and even the LastPass basic account with shared folders will do it (though with less granular control). For this type of password manager, "remote" or "not remote" doesn't really make a difference -- you're all on different computers whether you're sitting at the same table or across the world from one another. The password database is kept in the cloud; each person gets passwords (and updates passwords) from that centralized cloud location.
posted by ourobouros at 1:50 PM on March 12, 2019 [2 favorites]
posted by ourobouros at 1:50 PM on March 12, 2019 [2 favorites]
My work uses LastPass, I don't like it. The desktop interface is surprisingly hobbled but it doesn't let you know that--I wasted a good half hour trying to figure out how to add a folder there or manage permissions only to figure out you can only do that on the web interface. And there was even an "add folder" action in the interface! It just...didn't work, as far as I could tell.
For my personal password management, I use 1Password, which I do like. I have a family account and several different vaults. My partner has his personal vault, I have mine, then we have a shared vault where we keep the accounts we both need to access. I can edit most any setting I need to do in the desktop app, the mobile app, or on the website. 1Password has a very good Mac desktop app.
LastPass is cheaper, you can get that for $4 a month, 1Password is $8 a month (prices per user).
posted by foxfirefey at 1:59 PM on March 12, 2019
For my personal password management, I use 1Password, which I do like. I have a family account and several different vaults. My partner has his personal vault, I have mine, then we have a shared vault where we keep the accounts we both need to access. I can edit most any setting I need to do in the desktop app, the mobile app, or on the website. 1Password has a very good Mac desktop app.
LastPass is cheaper, you can get that for $4 a month, 1Password is $8 a month (prices per user).
posted by foxfirefey at 1:59 PM on March 12, 2019
1password is the gold standard!
posted by amaire at 2:23 PM on March 12, 2019 [4 favorites]
posted by amaire at 2:23 PM on March 12, 2019 [4 favorites]
I use LastPass (we also just use multiple Google Doc spreadsheets for different clients), but another, safer password manager is KeePassX. KeePassX has a web app and a desktop app, but everything is stored locally (unlike LastPass, which stores in the cloud). So that's the most secure and straightforward password manager I've worked with.
There is a bit of fiddling around setting it up, though, so it sort of depends on how tolerate different members of a remote team are about that.
I myself am slightly intolerant of fiddling around with computers and prefer to use LastPass.
posted by JamesBay at 3:02 PM on March 12, 2019
There is a bit of fiddling around setting it up, though, so it sort of depends on how tolerate different members of a remote team are about that.
I myself am slightly intolerant of fiddling around with computers and prefer to use LastPass.
posted by JamesBay at 3:02 PM on March 12, 2019
We use 1Password with MLTSHP's 100% remote very small team (and pay for it) by connecting to a shared dropbox file and it's very very worth it. It also will store stuff like credit card numbers which is super helpful.
posted by jessamyn at 3:09 PM on March 12, 2019 [4 favorites]
posted by jessamyn at 3:09 PM on March 12, 2019 [4 favorites]
A keepass database on a networked drive works very well and doesn't rely on a third party provider not doing anything stupid.
My work users it across multiple computers with the file on a network drive, as above. I use it personally across five devices, including phones, with the database sitting on a nextcloud server. I think you should be able to use Google drive in a similar fashion.
posted by deadwax at 3:10 PM on March 12, 2019
My work users it across multiple computers with the file on a network drive, as above. I use it personally across five devices, including phones, with the database sitting on a nextcloud server. I think you should be able to use Google drive in a similar fashion.
posted by deadwax at 3:10 PM on March 12, 2019
I use 1Password as part of a distributed team. It works great. I can put logins in a shared vault that everyone on the team can see, or put work-related personal logins in a non-shared vault that's just for me. And if you have anyone on the team that already uses 1Password, it plays nicely with being signed into the work account and personal account simultaneously.
posted by zsazsa at 3:11 PM on March 12, 2019 [2 favorites]
posted by zsazsa at 3:11 PM on March 12, 2019 [2 favorites]
Bitwarden is an open source alternative to LastPass that IMO has a much nicer UI.
posted by COD at 3:18 PM on March 12, 2019 [2 favorites]
posted by COD at 3:18 PM on March 12, 2019 [2 favorites]
Like COD I came to say Bitwarden. Much the best system for me: goes across all kids of computers, pads, and phones, with fully encrypted data stored. And FOSS, so it's been eyeballed by plenty of people for security.
posted by anadem at 4:35 PM on March 12, 2019 [2 favorites]
posted by anadem at 4:35 PM on March 12, 2019 [2 favorites]
Another vote for Bitwarden. I switched to it several months ago after years of LastPass use.
And FOSS, so it's been eyeballed by plenty of people for security.
And in this case it's not just a nice axiom. Bitwarden recently undertook a third-party security audit.
posted by Nonsteroidal Anti-Inflammatory Drug at 6:26 PM on March 12, 2019
And FOSS, so it's been eyeballed by plenty of people for security.
And in this case it's not just a nice axiom. Bitwarden recently undertook a third-party security audit.
posted by Nonsteroidal Anti-Inflammatory Drug at 6:26 PM on March 12, 2019
Do any of these solutions (LastPass, KeePass, etc) do anything to help with this specific problem the OP identified?
If one of us updates the login information on an account, we update the shared Sheet. But of course sometimes that doesn't happen.posted by vincebowdren at 7:30 AM on March 13, 2019
Do any of these solutions (LastPass, KeePass, etc) do anything to help with this specific problem the OP identified?
Not sure I understand? With 1Password there is a shared password bank that gets updated manually but it doesn't touch the login screen. IIRC LastPass does give you an option to updated the stored password if you change a password?
posted by jessamyn at 7:56 AM on March 13, 2019
Not sure I understand? With 1Password there is a shared password bank that gets updated manually but it doesn't touch the login screen. IIRC LastPass does give you an option to updated the stored password if you change a password?
posted by jessamyn at 7:56 AM on March 13, 2019
@jessamyn That's it: the feature of LastPass, that it watches your browser activity and realises when you've used a new password. Prevents the problem of anybody forgetting to update the password manager manually.
posted by vincebowdren at 9:20 AM on March 13, 2019 [1 favorite]
posted by vincebowdren at 9:20 AM on March 13, 2019 [1 favorite]
1Password also offers to update passwords when you drop a new one in the browser. (Of course you SHOULD be using the program itself to generate the passwords, right?)
It's brilliant on a Mac, integrates really well into the OS, works on mobile, and will use any storage vault location you want (iCloud, Dropbox, their own internal cloud, ...). It's good enough that Apple paid for it for all employees.
posted by caution live frogs at 9:55 AM on March 13, 2019 [1 favorite]
It's brilliant on a Mac, integrates really well into the OS, works on mobile, and will use any storage vault location you want (iCloud, Dropbox, their own internal cloud, ...). It's good enough that Apple paid for it for all employees.
posted by caution live frogs at 9:55 AM on March 13, 2019 [1 favorite]
Dashlane works really well for my team.
posted by vegetableagony at 6:34 PM on March 15, 2019
posted by vegetableagony at 6:34 PM on March 15, 2019
We use Secret Server for this at work. It's aimed at IT/developers so might be slightly too technical for your audience, but they do offer a cloud hosted version that should check all the regulatory boxes needed.
posted by reptile at 12:26 PM on March 16, 2019
posted by reptile at 12:26 PM on March 16, 2019
Response by poster: We ended up going with the 1Password Teams plan, at $3.99/user/mo billed annually. Thanks all.
posted by AnOrigamiLife at 10:17 AM on July 8, 2019
posted by AnOrigamiLife at 10:17 AM on July 8, 2019
« Older I'm pretty sure the answer is never... | the plaintive vibrato of economically depressed... Newer »
This thread is closed to new comments.
posted by Lexica at 1:48 PM on March 12, 2019 [1 favorite]