Item: ManageEngine Password Manager Pro
Rating: 9
Author: Ludovic Huon

Use Cases and Deployment Scope

ManageEngine Password Manager Pro is widely used to manage all encrypted passwords for all of the IT teams, without having to store the keys on a local PC (even if encrypted and with advanced features like access audit, password complexity generation or periodical password renewal). Additionally, the software aims at suppressing all simple passwords and being compliant with security audits, and making segregations of who has access to which password based on an employee’s profile.

Pros and Cons

Keep trace of every password accessed with configurable reports, containing date, authors and actions driven
Segregation of duties per given employee profile to separate a group of passwords accessed
Auto generation of complex password with rules you can define
Periodical regeneration of passwords to be audit compliant
Segregation of resources and passwords through the admin console
High level of database encryption
Light client access through a simple browser / no local storage on pcs even if encrypted
Simplicity to use
Affordable at reasonable price, for both acquisition and maintenance

In some browsers the copy password function does not work well
The search engine sometimes returns blank results (all browsers included: Chrome, IE11)
New upgrades are not visible in the tool itself, like in other third party tools

Return on Investment

Reduce our overall cost of ownership thanks to this affordable password tool
Reduce time spent in the process or on tasks to remind a password to change or to apply policy directly integrated with the tool
Improve security through complexity and auto-regeneration
Improve change control for account passwords inside RFC process

Alternatives Considered

Dashlane

We selected Password Manager Pro because of active directory integration, compared to those PC tools. We wanted to have a central password tool accessible by a simple browser rather than having to install a heavy client on each admin PC or access to a database through a Windows share. We wanted to take advantage of complexity rules directly integrated with the tool itself and configurable given our internal policies. We wanted to segregate password access by the group of resources and different roles.

Other Software Used

SolarWinds Web Help Desk, Nagios, Microsoft Exchange, MS SharePoint, IFS Applications, Windows Server, WebEx Meetings, Symantec Endpoint Protection

Likelihood to Recommend

Password Manager Pro (PMP) is particularly well suited if you want to avoid using simple passwords, (stored in clear or encrypted), or avoid local password tools or storing them on a PC via a Windows application that does not answer some questions for a larger scale team size (segregation of profiles, audits, complexity, central storage, encryption, AD integration). PMP helps to manage privileges according to the admin profile to differentiate who has access to which password resources. PMP aims at eliminating procedures or tasks to auto regenerate passwords to be audit or SOX compliant, including proof of evidence.

Is your way of managing passwords secure ?

Overall Satisfaction with ManageEngine Password Manager Pro