Back when I was CISO of Quantopian, I did a competitive analysis of five different password managers because we wanted to switch the one the company was using. I wrote an article about that analysis which included an interactive grid for selecting important feature sets and then comparing any two of the password managers in the grid to each other to see which one came out on top. That article proved to be quite popular, and I eventually added a sixth password manager to the grid.
Below, I’ve upgraded the grid, fixing some errors in the original article, updating data which has changed since the original article was published, and adding a seventh password manager, RoboForm.
I’ve also added a new feature to the grid. If you check any of the boxes in the “Required?” column on the left, then password managers that don’t fully satisfy that requirement (i.e., they are rated “yes” for it) will be removed from the grid. This should make it easy to winnow down your choices quickly by selecting a few key features you care about.
For what it’s worth, at my current gig we’re leaning toward 1Password.
Recent changes (from Github)
Does browser menu show matching entries for current site?
by jikamens on January 26, 2020 at 10:07 pm
Does browser menu show matching entries for current site? Every password manager except Dashlane and Keeper shows matching entries for the current site in the browser menu. Dashlane claims to have that functionality but it doesn't appear to work properly, and Keeper doesn't have it at all.
Is password generator accessible stand-alone in the browser?
by jikamens on January 26, 2020 at 9:42 pm
Is password generator accessible stand-alone in the browser? Everyone but Keeper allows the password generator to be accessed in the browser stand-alone as an independent tool, i.e., not when creating or editing a vault entry or filling a password form.
Add row to the table for auto-fill hotkeys in browser
by jikamens on December 10, 2019 at 6:40 pm
Add row to the table for auto-fill hotkeys in browser 1Password, Bitwarden, and LastPass have keyboard shortcuts for accessing auto-fill functionality in the browser without using the mouse. RoboForm does too, but only on Internet Explorer. Dashlane, Keeper, and Zoho Vault don't.
Updates about Bitwarden directly from their team
by jikamens on December 10, 2019 at 4:25 pm
Updates about Bitwarden directly from their team * YubiKey is supported in iOS (NFC and Lighting) using Yubico OTP * Self-hosted Bitwarden can reset user's 2fa without losing data * 2fa can be enforced on the organization if Duo is used Bitwarden says these are currently in development: * Enterprise SAML SSO * Admins can access other people's unshared credentials * Lost master password recoverable in Enterprise without losing data * Admins can reset user's passwords
Merge pull request #1 from mackncheesiest/bitwarden
by jikamens on December 10, 2019 at 4:12 pm
Merge pull request #1 from mackncheesiest/bitwarden Updated YubiKey support in Android for Bitwarden