Skip to main content

Sharing passwords: Any recommendations on tools for securely sharing passwords internally with team? Any recommendations on how to handle this in a way it does not impact security certifications (like SOC2)?

J
Written by Jasmine Sunga
Updated over 5 years ago

  • onelogin.com. here's their SOC2 compliance https://www.onelogin.com/compliance/soc-2-type-2

  • 1Password - not sure about compliance but as a tool is pretty cool and easy to manage

  • Dashlane

  • Lastpass seems SOC2 compliant https://blog.lastpass.com/2018/03/lastpass-earns-soc-2-type-ii-attestation.html/. Just pay attention when you accept an invite from a company owned account, the default mode is to make your personal account owned by company account so another admin can potentially terminate your access to company account and delete your personal account.  On the invitation page you can uncheck some box to keep them separate (I forgot the specifics). Otherwise, it's an awesome, cheap, generic tool for the job. A great feature is that you can share access to a service (like AWS for instance) with employees without actually giving them the password, cause LastPass will hide it from them.

Related Articles
Any recommendation for security accreditation/certification? Specifically ISO 27001 and SOC 2.
Did this answer your question?