I evaluated a bunch of team password managers last year.
LastPass was really buggy and had a confusing UI. Dashlane also had odd limitations.
1Password had a good UI but the "master key" system is difficult for users to use. It was also more expensive.
I ended up recommending Bitwarden. Surprisingly, the open source option had a great UI and great clients, with the bonus of being open source on both ends.
> 1Password had a good UI but the "master key" system is difficult for users to use. It was also more expensive.
Unsurprising, and at the same time it makes 1Password's security scheme much more bulletproof.
You need that piece of information to identify the client, and even 1Password doesn't have it, which means that when inevitably one of these cloud services gets attacked with success, it is less likely to be them. Plus they can't see your stuff, that's a plus.
It’s surprising to me that the “master key” system on 1Password proved difficult for your users. For me, this is one of the simplest things about it: you remember one password that unlocks everything else.
Am I talking about the same thing as you when I call this password the “master key”? I feel like I must be as this is flat-out the thing that makes 1Password easy to use.
I think I may have read your review (did you make an article online?) and I'm now happily using Bitwarden. I just signed up for premium, not because I want the features, but because I want to support what they're doing.
Which enterprise password managers did you evaluate? Did you get a chance to take a look at SAASPASS? Is there a link to it? And what were your evaluation criteria?
KeePass is very difficult to use in an automated way and the open-source clients are buggy. I had to search for hours for an ancient Perl script which amazingly works with both 1.x and 2.x KeePass databases (still the only library I've found that does so), then write a custom app to convert the output into something else.
My understanding of LastPass (I am a user) is that you _do_ in fact have offline access to your vault. Your Master Password is also the encryption key. Did I miss something?
I was a paid user of LastPass for about a decade. I don't mind a subscription-based model, especially if there's cloud-syncing involved (I've evaluated the amount of risk I'm comfortable with, and cloud syncing is fine for my use case). Part of the benefit for a paid account is the ability to access your passwords when there's a network outage.
However, in the year before I left LP, they went down three times, at most for about 4 hours. Each time, I could not access my local vault, not through the browser extension, not through the Android app, and certainly not through the website; no matter what I did, it was nothing but errors, and their support was useless. It just would not work. That was enough to spook me and get me off their service.
I was complacent, thinking that no matter what, I could always see my vault, regardless of network status, until it actually hit the fan. I'm currently with 1Password, which is quite slick (their change on 2FA is what actually got me to give them a try), but I've killed network access to my devices and was able to access my vaults.
Just in case, though, I have KeePassXC as well. You never know.
1Password does support local storage; cloud is used for syncing to local storage, so obviously in case of an outage you wouldn’t be able to sync updates. But you would be able to access and modify locally and then it would push when things came back online.
A local-only storage solution with your own syncing is by far the best way. Also, storing low security passwords (e.g. Netflix) in Chrome / iOS keychain seems like a pretty safe trade-off to me.
I'm still having issues convincing friends/family that the initial friction of a password manager and replacing all of your reused passwords is worth it at all.
Security is a battle of convenience, and we still haven't struck gold for the layman to have decent enough security hygiene.
Bitwarden is open source for both its clients and its server. I haven't tried it but it appears you can set it up for yourself at home and not use their cloud.