Skip to main content

Installing and Using a Password Manager

Password managers like 1Password, LastPass, and others should be used.

Updated over a week ago

Your company may have specific guidance on how to set up a password manager. Verify this with your IT and compliance teams.

HERE'S WHY

Passwords are a critical part of security. Proper creation, storage, and sharing of passwords are made easier with password managers.

Below is a list of possible password managers your company may be using. Be sure to ask your IT Director or Manager which password manager is approved by your company. This should be stated in the company's Password Policy stored in Drata.

Password Managers:

If you use a password manager that Drata does not recognize, your Drata administrator can contact the Drata team to request an evaluation for adding it to the approved list.

HERE'S HOW

Download and install your company's approved password manager. It might already be installed on your workstation if your company is using an MDM tool (Kandji, Jamf, etc.). If you are using the Drata Agent, it will automatically report your compliance status to Drata.

Make sure that proper preferences are set for your password manager:

  • Set a strong unlock password

  • Auto-lock after 5 minutes of inactivity

  • Auto-lock at sleep

macOS Native Password Manager

Currently, we do not scan and monitor the Mac OS native Password manager, because MacOS does not provide a straightforward method to determine if the native Password manager is being actively used, which poses challenges for ensuring compliance and proper security monitoring.

Did this answer your question?