Enterprise password managers

The weakest link in your networks security is the human component


RoboForm has been plying its trade for fifteen years now, and while it initially began as a consumer product it has since branched out to include mobile devices and sport enterprise features.

True to its name, RoboForm began as more than just a password manager and aims to make life easier for its users by auto-filling web forms with name, address and other details as well as the core of securely storing passwords. This comes in the form of Passcards, which includes data like user ids and associated passwords, and Identities which can include personalised information such as credit card numbers and driver’s license. Passcards also store web site data to help prevent phishing attacks -- if a user visits a fake site, it won't be recognised by RoboForm.


Finally, RoboForm sports another data type: Safenotes. These are essentially anything you want securely stored that doesn't fit into a Passcard or Identity, such as telnet passwords, ATM card PINs, software activation codes and the like.

In use, RoboForm adds a bar or drop-down menu (depending on browser) that allows you to fill out contact info, login to websites, and bookmark popular pages. Tutorials are included to help users make use of RoboForm's form-filling features, whilst an extensive set of options provides for managing Passcards and Identities, syncing with the cloud (if taking advantage of RoboForm Everywhere), and configuring the level of security for stored data (which can optionally include biometric fingerprint as a means of authentication). A password generator is also provided to automatically create strong alphanumeric passwords to a given length -- such that you can create strong passwords for a login and not have to worry about remembering them.

Much like some secure cloud storage services where if you forget the encryption key the host can't retrieve your data, if using RoboForm's cloud the database is encrypted using 256-bit AES based off the master password. If this is lost, not even RoboForm can recover the data for you, which is a good thing security wise. Alternatively, the database can be stored locally, also encrypted, anywhere that it can remain accessible (including over a network).

The Everywhere cloud does have another benefit however -- being able to sync Passcards, Identities and Safenotes among multiple devices, both workstation and mobile endpoints, means you can take your logins with you wherever you go.

All of these features are extended for the enterprise with support for easy bulk installs via SMS or Group Policy, Active Directory integration, master password recovery, leased logins, and the ability to share logins between users. You can also define user/administrator passwords (user can see but not edit for example form data). The RoboForm Console version provides for login and form-filling to be automated from the command line, which may be of use for IT wanting to issue commands from a start-up script.

Recent releases of RoboForm have expanded to support Windows applications too, such that auto-filling details can work with applications that have similar fields for entry. Lastly, a Roboform2Go variant allows for storing data on a portable USB drive with a browser so that secure logins can be taken on the road.

RoboForm supports Windows, MacOS X, Linux as operating systems; iOS, Android, Blackberry, Windows Phone, Palm and Symbian for mobile devices; and IE, Firefox, Chrome, Safari and Opera as browsers. Which pretty much covers all bases (though note the Linux browser plugins appear to lag behind its Windows counterparts, and not all features are available on Linux).

In terms of cost, RoboForm has a bit of a confusing mix between the license cost of the top tier Console edition with the individual licence costs per workstation that's different from also having the RoboForm client per workstation. But in general it’s around US$36 per workstation and US$1995 for the Enterprise Management Console. This is a one-time fee; however, there's a compulsory 1-year maintenance fee included in this initial pricing, providing 24/7 tech support and upgrades and updates to RoboForm. Ongoing, the maintenance cost for an enterprise of 100 users would be around $640 a year.

2. LastPass

3. Password Vault Manager

4. Pleasant Password Server

5. PassPack

6. Passwordstate

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Follow our new CSO Australia LinkedIn
Follow our new social and we'll keep you in the loop for exclusive events and all things security!
Have an opinion on security? Want to have your articles published on CSO? Please contact CSO Content Manager for our guidelines.

Tags Linuxpassword managementLastPassCSO AustraliaMacOS Xkeylogging malwareEnterprise passwordnetwork loginsSafenotesPasswords Enex TestLabPassPackPassword valut managerPleasant password serverRoboform

More about 24/7BuiltDropboxGoogleindeedLinuxMicrosoftPalmPremiumRSASymbian

Show Comments

Featured Whitepapers

Editor's Recommendations

Brand Page

Stories by Ashton Mills

Latest Videos

More videos

Blog Posts