Your company may have alternate specific guidance for how you should set a password manager, verify with your IT and compliance teams.
HERE'S WHY
Passwords are a critical piece of security. Proper creation, storage, and sharing of passwords is made possible through Password Managers.
Below is a list of possible password managers your company may be using. Be sure to ask your IT Director or Manager which is the company's approved password manager. This should be stated in the company's Password Policy stored in Drata.
Password Managers:
If you use a password manager that is not being recognized, your Drata administrator can reach out to the Drata team to request it be evaluated to be added to the approved list.
HERE'S HOW
Download and install your company's approved password manager. It might already be installed on your workstation if your company is using an MDM tool (Kandji, Jamf, etc.). If you are using the Drata Application, it will report back to the Drata system that you are compliant.
Make sure that proper preferences are set for your password manager:
Strong unlock password
Auto-lock after 5 minutes of inactivity
Auto-lock at sleep
Mac OS Native Password Manager
Currently, we do not scan and monitor the Mac OS native Password manager, because MacOS does not provide a straightforward method to determine if the native Password manager is being actively used, which poses challenges for ensuring compliance and proper security monitoring.