Password Managers / Guide

Objective

• To provide guidance on password managers and to provide recommended options for which one to use

Environment

• 1209137: 1Password - UIT + CEC Staff Use
• (no asset record): BitWarden
• (no asset record): KeePass

About Password Managers

What is a password manager?

• A password manager is a computer program that allows users to store, generate, and manage their passwords for local applications and online services. It assists in generating and retrieving complex passwords, storing such passwords in an encrypted database or calculating them on demand

 

Is it safe?

• Password managers are designed to be secure. They are encrypted, with the ability to decrypt it being locked behind a password or some other method of authentication, with many offering the ability to use multi-factor authentication. What that means is that no one other than you can access your passwords, not even the companies that make the password managers

 

Advantages of using a password manager

• You don't have to memorize all your passwords. You only need to remember a single secure master password that unlocks your password vault. Because of this, you can use passwords that are much more complex than you would otherwise be able to if you had to memorize them
• Many password managers can auto-generate highly secure passwords for you
• Many password managers can save time by auto-filling credentials for faster access to online accounts
• Many password managers allow you to access your password vault anywhere, from any device

Recommended Password Managers

• We recommend the following password managers:
  • BitWarden
  • KeePass
  • 1Password

 

Comparisons

Similarities

• Have an encrypted "vault" in which to store unlimited passwords, notes, files, card information, and more
• Have the ability to search, add, edit, view, delete, and otherwise manage vault items
• Automatically sync across devices
• Have the ability to auto-generate secure passwords for you
• Have the ability to auto-fill passwords
• Have the option for use of multi-factor authentication

 

Differences

• Cost
  • BitWarden: Free
  • KeePass:  Free
  • 1Password:  Requires subscription
• Multi-factor authentication options
  • BitWarden: Includes five options, two of which are free
  • KeePass:  Does not use multi-factor due to being installed locally on the device
  • 1Password:  Uses a variety of different applications, including but not limited to Authy, Microsoft Authenticator, and Okta Verify
• Device sync
  • BitWarden: Can sync between all devices
  • KeePass:  Does not sync between devices, however it is portable and can be carried on a USB stick and accessed on Windows machines without being installed
  • 1Password: Can sync between all devices
• Account recovery upon forgetting master password
  • BitWarden: Account recovery options are extremely limited
  • KeePass: Does not have an account recovery process
  • 1Password:  Account recovery options are available through 1Password support

 

Note

• Learn more about password managers: https://www.youtube.com/watch?v=CtOh1-TUabU