AgileBits in Toronto offers 1Password, a password manager available to both private individuals and businesses, touting a unique approach to multi-factor authentication to improve security.
$2.99
per month
Delinea Secret Server
Score 8.2 out of 10
N/A
Secret Server (originally from Thycotic, now from Delinea since the 2021 Thycotic merger with Centrify) is an enterprise password management application, which is available with either a cloud-based or on-premise deployment which emphasizes fast deployment, scalability, and simplicity.
I've described how I use it to manage confidential client logins for the websites I develop for them. Every site has a myriad of things that need logins - from setting up their domain name and hosting, to building the WordPress site, to getting them set up with email and maintaining their sites. When I need to provide IT support to our staff, I have my phone right there to log in to their computers to address the issues. When I want to order cookies from Amazon or check my home's security camera settings, it's there for personal needs as well. There are sharing features that I haven't explored enough to be comfortable with setting up for staff. They may be just great, but it is a place where I personally don't make use of the program.
Great for managing access to secrets and servers and is more secure than storing passwords in a browser. The browser plugin to autofill passwords works well. Being able to schedule access ahead of time is a big plus for me as I can be forgetful. If you want a lightweight password vault, however, it may not be the best choice.
1Password's Watchtower service is a real value add - 1Password monitors the security news for evidence of security breaches containing your credentials and alerts you if you have been impacted. That is a huge value as it enables you to get out in front of a security breach and be proactive in protecting yourself.
1Password's core strength is that it makes it easy to practice good security hygiene by using strong, unique passwords for each site you interact with. This is something that all password managers do now, but offering an easy experience is key.
1Password's password sharing features makes it easy to share team credentials with other team members, and to decide who amongst the team gets access to the designated credentials.
Password Management: Its entire purpose, really. Secret Server stores passwords in an incredibly easy to use way. They can be organized in groups, they contain all the information about the site or system the password is used for (including URLs for websites), and even a notes field. You can set up specific policies for expirations and complexity, and Secret Server can even generate strong passwords for you. Using a password is simple, too, since you can just click a button to add it to your clipboard; you don't even have to unmask the password.
Security: The passwords are stored encrypted in a SQL database, and the application requires an authenticated login. This could be local, but we tie it into Active Directory. Each folder of passwords has groups assigned (in our case, again, AD, but you can make them local groups) with different permission levels, so we can compartmentalize passwords. Desktop technicians don't have access to network switch passwords, etc.
Easy Setup: It took me about an hour to get the server running, from spinning up the VM to importing our old password list. It took a little longer to organize the passwords into proper folders, and then assigning groups, but it was easy to do.
Personal Passwords: Each user also gets a personal folder, where they can keep their own, unshared passwords. This is nice for sites or systems with individualized logins (e.g., a firewall, VPN, etc.)
Favorites: Secret Server lets you tag passwords as "favorites" so you can easily find ones you use constantly. The search feature is nice, but this is nicer.
1Password is so secure, that it lacks a self-managed "forget your password" functionality which means that as a manager, I have to approve password resets which may slow down some users.
On Chrome, the extension sometimes stops working when the browser is updated.
The sharing functionality NEEDS improvement. We share most passwords at a group level, but then it becomes impossible to share them with a dynamic group and one or two one-off people as well. This is a major shortcoming.
I don't love the interface. I feel like there is an attempt at a dashboard, but it is really not effective.
I've heard, but never seen, that the software can actually change passwords in the target systems. If this is part of its deliverable, I do not know how to use it, and I don't know how you would do that. Seems like a great feature for password management.
The 1Password app design is top notch, much better than a couple other password managers I've looked at. The app and service are very flexible, allowing for many different types of data storage. The browser extensions generally work very well, allowing for easy access to login information while using pretty much any modern web browser.
I have never had any issues with 1Password and they have always been able to answer my questions adequately resolve my issues. Furthermore, they have a robust peer forum that can be accessed. They have helpful "Get to know Apps", videos and many articles to assist in the process of using the product.
I don't know any of the software in the list, but normally, I used to save logins in Chrome - whether work or private, in separate accounts of course. Chrome stores information, even credit card info in plain text, that is easy to crack. 1Password is a step up, or even, several steps up from there. The Master key is stored in a Google service though, that 1Password gave me in a pdf format, but I consider that safe
There were not very many solutions that provided the entire package of taking an account from creation and deactivating it when no longer needed, as well as providing the discovery of unknown service accounts. Other solutions like RoboForm and LastPass did not offer the ability to manage your service accounts and added layers of complication to ensure security.
1Password has empowered me to meet the stringent security demands of my organization without having to resort to complex, time-intensive encryption setups to store all of my various credentials. Instead of wasting time on building, configuring, and maintaining such infrastructure, 1Password manages it for me.
1Password's annual subscription pricing model is reasonable, given a great deal of value, it has provided me, both personally and in my business operations. I don't need to invest capital into secure storage infrastructure to ensure that I always have my credentials at my fingertips, and I prefer to have a dedicated, focused security company own the hardware behind this great service.
The fact that I control my 1Password account means that I can get double the use out of it: personal and professional account credentials sit side-by-side in my secure vault. Because I do not need to rely on my internal IT department to provide access, I am confident in storing whatever I need to store.
