For a while now I have been testing LastPass personally to help manage, and secure my list of passwords as a network administrator. Recently I have been contacted by Keeper to discuss they software offering. I have been playing with the idea of implementing an enterprise password manager across our environment help my users manage their passwords, and make it easier to improve the security of said passwords.
So I put it to you all, does anyone have any experience with doing this, and if so what would you recommend? I am looking to not have to dedicate too much of my time or energy to deploy this, so I am willing to pay a little more for a service that is easier to implement/manage.
I have personally used the enterprise version of LastPass and can give it 10 stars. The management of the enterprise level is amazing. One thing I will recommend is make sure you setup your encryption before creating additional users as it will cause issues later on when you want to reset master passwords. IT is a great asset in the event someone leaves the company and is the type of person who is secretive about their job. Unfortunately had to rebuild an entire environment because the old admin left and didn’t leave the root passwords for multiple systems including our hypervisors. It was a mess. Thank God for LastPass as it saved myself and my boss at the time lots of headaches as we were able to share passwords in a secure manner. Very easy to deploy as well. I believe there is even an MSI file that can be pushed out through AD or if you use Chcolatey I believe they have a package as well for lastpass.
We use the enterprise version of Keeper and have had a great experience with it. The version that we have also allows our end users to have a separate, personal account as well so that they can keep all of their personal passwords separate from their work account. Overall, I highly recommend it. Our biggest challenge has been to have people consistently use it.
This selfhosted website says that the python based rattic is more mature code wise at Level5 (L5) as opposed to the Level2 ranking of either php based sysPass or teamPass.
My use case is on a private LAN and would restrict any attempts at reaching out to the internet.