The Bitwarden Blog
Why companies are looking beyond browser-based password managers
May 4, 2022
As companies increase security to protect both the business and employees, password management becomes a critical defense. This employee-security starting point lets them generate strong and unique credentials for work, storing them in a safe, end-to-end encrypted manner.
Unfortunately, many companies leave employees on their own to handle tasks like creating passwords for the services they use, including everything from SSO login credentials to all of the websites and services that may not have SSO integration. When this happens, people generally resort to less than perfect choices, often with short or reused passwords.
Of course, internet users know that web browsers set defaults to capture your passwords. But is your browser really the right place to store all of that information? Many industry experts advise against this for individuals and beyond.
Increasingly, companies are moving to disable password management in browsers due to lack of cross-browser support, limited device compatibility, lack of sharing, and no auditing of credentials.
We’ll explore each of those areas in more detail.
With companies using a wide variety of cloud services and applications, they must be able to access applications across different browsers. Some web services optimize for specific browsers and using a single browser for all applications is simply not tenable in most workplaces.
Browser-based password managers cannot support these workflows. For example, you cannot easily access your Google Chrome passwords from Microsoft Edge.
Independent password managers allow you to access your credentials from any browser. As an example, Bitwarden supports browser extensions for Chrome, Firefox, Safari, Edge, Brave, Vivaldi, Opera, and Tor.
Some independent password managers, like Bitwarden, also enable you to access your credentials through a web vault, accessible from any browser without an extension, and packaged to support complete end-to-end encryption of your credentials.
Browser-based password managers focus on the browsers and operating systems specific to their parent companies. For example, the Chrome password manager will work well on Chrome and Android devices, and Apple Keychain will work well on iOS and MacOS devices. But today’s business world relies on multi-device and multi-operating system compatibility.
Independent password managers support a wide range of devices and operating systems. Bitwarden supports desktops across Windows, Mac, and Linux, mobile across Android and iOS, a command line interface, as well as browser extensions and the web vault mentioned earlier.
Browser-based password managers serve individuals. At work, we often collaborate with others, and need to find ways to do business faster, safely.
With independent password managers, employees can share credentials securely with end-to-end encryption. This leads to improved cooperation and the ability to move sensitive information safely throughout the organization.
Shared passwords for company-items allow new users to get going quickly, and immediately removes access for people who may leave the organization.
Within companies, IT teams appreciate the ability to audit events, and browser-based password managers do not offer this type of auditing or event logging, so there is little an IT team can do to help employees.
Independent password managers often log events that can be reviewed if needed. For example, Bitwarden offers event data within the application, which is also accessible via a RESTful API that can be exported to an existing security incident event management system (SIEM) such as Splunk or Kibana, among others.
While browser-based password managers are convenient for individuals, they fall short of a complete solution for business.
Of course, using any password manager is better than no password manager, but for companies of all sizes, an independent password manager sets a security foundation for both the business and employees with a broader feature set and enterprise capabilities.
To get started, begin your free 7-day business trial and learn more about how Bitwarden can bring value to your business. Or if you'd just like to use Bitwarden yourself to get going, launch your own free or premium account.
Back to Blog