Share this content

Password security software recommendations

password security software

Didn't find your answer?

Please can anyone recommend any software for securely storing passwords/logins for individuals and for teams; it would need to be capable of storing passwords for cloud/online software and passwords/logins for desktop based software?

Replies (11)

Please login or register to join the discussion.

By Maslins
16th Jul 2018 12:32

We use LastPass, lots of others use 1Password.

Basically you each then just have to remember one password, which gets you into the "vault" where all the other complex passwords are saved. They can also help generate unique, complex passwords.

Thanks (2)
By daniel_
16th Jul 2018 13:38

We use KeePass, which is a free open-source password manager.

The software can be run just by running a .exe which can open different password databases, each can be encrypted with a different password or certificate. There's a keyboard shortcut for auto-typing the credentials into a browser window.

There's many plugins available, e.g. integration with Chrome or automatic backup of the databases every hour etc.

We just have password databases hosted on a shared drive and anyone can access them. (If they have the password or certificate).

It's not the most elegant solution, but it's free and it works reasonably well.

Important note: It's local only password storage.
(+) your passwords aren't beamed up to a cloud service to potentially get hacked
(-) you're responsible for backing up the password databases, if they ever get deleted or you forget the password / lose the certificate, they're gone forever.

Thanks (0)
Replying to daniel_:
By Charlie Carne
19th Jul 2018 13:33

I wouldn't use a free system to manage your security. Your entire business relies on this. Products like LastPass and Dashlane are excellent and very inexpensive. If you choose something because it is free, you'll get exactly what you paid for.

Thanks (0)
Replying to charliecarne:
By alan.rolfe
20th Jul 2018 09:29

I believe that best practice for security products and encryption is to use open source (i.e. free) software. The ability for peer-review is considered the best way to help ensure there are not back-doors and security flaws.

I would not trust any commercial cloud providers, despite all their clever technobabble. If their service is interrupted you're lost. It has happened before - you have been warned!

Solutions such as KeePass and PasswordSafe where the algorithms are publicly verified and the data is under your sole control would be my preference.

Thanks (0)
Sarah Douglas - HouseTree Business Ltd
By sarah douglas
16th Jul 2018 14:35

I cannot recommend LastPass enough.

I use LastPass Enterprise so you can manage passwords for staff. It is a great piece of software. USD 4 a month a user. Worth every penny and saves hours of time messing about with password words and allows you to share with clients who keep forgetting them.

Can I suggest extra security by doing the following?

1) Take the security challenge on a regular basis. This is on the left-hand side of the menu.

2) Go to Account settings and Enable Multifactor options for double authentication, where you can set up trusted devices as well. This means you must have the six-digit code on your phone as well to log in.

3) Go to account Setting and click show advanced settings and go to the last item in security and click the choice of countries that you can log in, for example, the UK only, you can change this if you are away on business trip. This prevents hacking from outside UK, if you try to login in from the outside UK you can,t unless you over it.

4 Use the facilities like credit monitoring and Generating Secure passwords and you can use one time passwords if you wish.

Lastpass Security :

Private Master Password
LastPass does not send or store the master password. We believe that if LastPass can’t access your data neither can hackers.

End-point encryption
Encryption happens exclusively at the device level before syncing to LastPass for safe storage, so only users can decrypt their data.

256-bit AES encryption
This algorithm is widely accepted as impenetrable – it’s the same encryption type utilized by banks and the military.

PBKDF2-SHA256 for brute-force attacks
We strengthen the master password and encryption key against large-scale, brute-force attacks by slowing down guesses.

Thanks (4)
Replying to sarah douglas:
By coops456
25th Jul 2018 10:12

I agree - we've also used Lastpass for years and I love it.

Thanks (0)
By Maslins
17th Jul 2018 09:11

What happened to the really in depth reply re LastPass? Guessing it was perhaps from someone with a motive?

Shame, I skim read it, thought "ooh, there's some useful advice there", bookmarked it to look at in more detail today...and it's gone!

Thanks (1)
Replying to Maslins:
Sarah Douglas - HouseTree Business Ltd
By sarah douglas
17th Jul 2018 20:27

Hi Maslins

That was my post and accounting web picked it up as Spam. So there was no motive I just use Lastpass Tom sorted it out so the post is back there now.

Thanks Sarah

Thanks (2)
Replying to sarah douglas:
By Maslins
19th Jul 2018 13:10

Cheers Sarah :)

Thanks (1)
By ShayaG
19th Jul 2018 15:06

I use LastPass, but with some hesitation: it's a lot of eggs in one basket.

Thanks (0)
Stephen Quay
By squay
19th Jul 2018 18:58

I have used Dashlane for a few years now. For one device it's free but I pay USD30 per year and it syncs the passwords across all my devices. It can generate strong passwords for you of which the format and length are customisable. Also has secure notes section for keeping all sorts of other sensitive info safe and organised. Also holds your payment cards and will populate fields when paying online for your basket of goodies. Also it will alert you if a website suffers a data breach and prompts you to change your password. Finally it keeps an eye on your passwords with a dashboard so you can see their status, good, weak, used more than once, etc and helps you change them. You no longer need websites to store your card details or for browsers to store your passwords. So much more secure. It's brilliant. Wouldn't be without it now.

I nearly forgot. There is a business version which allows work colleagues to share passwords.

Thanks (0)
Share this content

Related posts