Passing Around Passwords

My devotion to and affection for Agile Bits’ 1Password has been continual and unabated since I first started using this indispensable security utility several years ago. I rely on it many, many times a day, across several different devices, and it never lets me down. In fact, though I ostensibly use it to remember and generate passwords, I’m fond of saying that the real reason I use 1Password is so that I can tell other people how awesome 1Password is.

Yet 1Password is for the individual use case. It’s not so helpful for situations when passwords need to be shared by more than one person, in teams.

There are a few would be contenders trying to solve that problem by turning password management into a cloud service. Earlier tonight I tried Mitro. They have an attractively designed Web page but I found the product itself pretty lacking — it looks like it’s not even finished. To that point, Mitro currently ships only with an extension for Google Chrome, at least for now. I actively use three desktop browsers and at least two mobile browsers, and 1Password covers almost all of these scenarios — anything less is a tough pill to swallow.

To the Mitro’s credit, when I emailed the company about their missing browser extensions, someone got back to me right away, within minutes. Then again, when I sent a follow-up query, it went unanswered.

Compare that with competitor TeamPassword, whose founder and CEO Brian Sierakowski both emailed me and instant messaged me almost as soon as I signed up. Brian was super-friendly and helpful, and he promises that the TeamPassword solution is much closer to ‘1Password but for teams’ than Mitro’s, which is enticing. Still, I hit some snags in the login process, and while Brian is working with me to get them sorted, I have yet to get access to TeamPassword.

I also heard from members of the founding teams of both SimpleSafe and Meldium, which seem to do similar things. Unfortunately, I haven’t had a chance to try either of them out.

Obviously, this is a problem that a lot of people are thinking about actively, which makes me happy in spite of the unimpressive results so far. Even Agile Bits is working on this problem; the current iOS versions of 1Password incorporate a workflow for sharing passwords, and the Mac version will have the same soon, as the company details in this blog post. Their approach is similar to the one that LastPass uses, from what I understand. That is, they offer a means to send a password, but not a channel for doing so; there’s no cloud service attached to 1Password’s sharing mechanism. That’s a little disappointing, but in the end, it may be sufficient for what I need, because at the very least it will let me keep telling everyone I use 1Password.

+

5 Comments

  1. LastPass does let you share passwords; you enter the user’s email address and then they get access to log in to the account as an “Accepted Share Offer”. The password/auth token isn’t sent by email.

  2. Passwords should never be passed around at a professional setting. If you find yourself in a situation where you need to share passwords, then you should look into what systems you are using and why they don’t provide individual passwords for each user.

    For home settings it’s a little different. My password sharing is limited to things like sending my Netflix or utility company information to my wife. The new 1Password functionality helps but is far from ideal, since anyone with 1Password and access to the garbled text message could decode it.

  3. We’re using ZohoVault to manage team passwords – it has a seemingly rock-solid authentication method, and works quite nicely. My ideal would be a system that also enables grouped users or user levels.

  4. Thycotic SecretServer is available as a hosted service. Haven’t used it but we’re implementing the on-premise solution at work.