Zoho Vault Password Manager fast factsOur rating: 3.9 stars out of 5 Pricing: Starts at $0.90 per user Key features
|
Zoho Vault is a business-oriented password manager that shines in its security dashboards and reporting capabilities, which are perfect for larger organizations.
While its decision to leave crumbs of user data unencrypted isn’t ideal, Zoho Vault presents enough security and team-focused features to make it at least worth the look.
Is Zoho Vault free?
Yes, Zoho Vault has a generous free plan that allows for unlimited password storage and access on an unlimited number of devices. This makes Zoho Vault a good choice for a free password manager compared to competitors like Dashlane, which only allows 25 passwords on its free plan.
With Zoho Vault’s free version, you lose out on premium features such as breached password alerts, password sharing, shared folders and cloud backup. But for a basic password management solution, this free option is a solid pick.
Zoho Vault pricing
Zoho Vault has three paid tiers: Standard, Professional and Enterprise. It offers a 15-day free trial for all three plans, without any payment information required. I commend Zoho for being generous in its free trial access, especially in offering the trial across all plans. Many password managers only offer a free trial for one plan.
Standard | Professional | Enterprise | |
---|---|---|---|
Monthly | $1 per user per month | $5 per user per month (minimum 5 users) | $8 per user per month (minimum 5 users) |
Yearly | $0.90 per user per month | $4.50 per user per month (minimum 5 users) | $7.20 per user per month (minimum 5 users) |
Main Differences |
|
|
|
Zoho Vault’s Standard plan is inexpensive at $0.90 per user per month, but it lacks important features. For example, NordPass’ comparable Premium plan has breach scanning built in, while Keeper’s Personal subscription includes Emergency Access functionality — features you can only access on Zoho Vault’s Professional plan.
Of the three plans, I find Zoho Vault’s Enterprise plan to be the best value. It comes with meaningful enterprise features such as time-limited access to passwords, a password request-release mechanism and help desk integration.
These advanced access control features will benefit IT managers who regularly manage password requests on a large scale, as automating password access can save them more time in their workflow.
Zoho Vault Professional can be a good option, too. It allows for five users and provides more features than Zoho Vault Standard, like password breach alerts, shared folders and auto-changing passwords.
Take note that at $4.50 per user per month, Zoho Vault Professional is on the pricier end as a teams subscription. For those on a budget, Keeper’s Business plan at $3.75 per user or 1Password’s Teams Starter Pack at $19.95 for 10 users are more affordable options.
Given Zoho Vault’s 15-day free trials, I recommend going for the free trial of the plan that fits your business’ size and needs.
Is Zoho Vault safe?
While Zoho Vault has strong security features, there is an area of concern with its encryption system. Zoho Vault utilizes military-grade AES 256 encryption — widely considered the strongest encryption standard today.
While Zoho says that all sensitive fields are encrypted, it admits that some data in its application is left unencrypted. According to its official security specifications document, the app leaves password names, URLs, descriptions, label names and tags unencrypted “to help users search for passwords, manage audit logs and automatically log in to websites.”
If you recall from our LastPass review, part of the data breaches LastPass experienced involved malicious actors getting ahold of unencrypted user data, which also included website URLs.
While Zoho Vault hasn’t reported being involved in any data breaches, these unencrypted fields — websites visited (URLs) in particular — may serve as a potential target for hackers to trace user accounts and possibly hack them. I hope Zoho Vault updates their field encryption to encrypt all data instead, lessening the risk of bad actors taking advantage of stolen information.
To its credit, Zoho Vault is certified as SOC 2 Type II compliant. This means that Zoho Vault’s systems pass security, privacy and confidentiality standards and are designed to keep sensitive user data safe.
Overall, while Zoho Vault can be considered safe, it definitely has room for improvement in safeguarding against possible attacks from malicious parties.
Key features of Zoho Vault
Aside from password generation and storage, Zoho Vault comes with team-focused features that business managers will find useful.
Super Audit functionality
Super Audit is Zoho Vault’s version of a system-wide log of all events and actions that happen within an organization’s vault. This includes actions like password sharing, password deletion, accessed folders and any other action that occurs within the application.
Figure A
All logs include the user concerned, the action, the date and time and the originating IP address.
This is especially useful for IT managers or system administrators who want to keep track of user activity within a vault. This is also a nifty fall-back tool in the event that suspicious activity arises regarding an organization’s passwords.
I like that Super Audit logs are tamper-proof and cannot be deleted. This makes it an essential monitoring tool, especially for businesses with larger teams.
Reports dashboard
Another key Zoho Vault feature is its extensive Reports section, which provides an overview on different aspects of a business’ password usage.
Figure B
Managers can use the reports dashboard to generate reports on Password Access, Password Policy Compliance, Shared Passwords, Shared Passwords with Third Parties and other relevant data. Every tab on the reports dashboard can produce an exportable PDF that can be used for presentations and reporting.
This is a convenient feature for supervisors who regularly report on their business’ overall security practices — which includes password management.
Password Assessment Score
Zoho Vault comes with a Password Assessment Score feature that outlines a business’ general password health. While this is a common feature, I like how Zoho Vault displays statistics on specific password mistakes that users usually make.
Figure C
Instead of merely showing a password’s overall strength, Zoho’s assessment score calls out passwords that include usernames, dictionary words and recycled passwords.
This can be helpful for managers who want some baseline information on what needs to be improved in their business or team’s password practices.
Zoho Vault authentication and security options
For multi-factor authentication, Zoho Vault offers passwordless logins like YubiKey, Passkeys, Windows Hello and TouchID on all Zoho Vault plans — including the free version. You can also use Zoho’s own Zoho OneAuth MFA authentication app as a second factor across the board as well.
I laud Zoho for not skimping out on MFA for its free users, as this is a crucial part of any password management system.
For more MFA options, you will have to purchase a paid subscription. Microsoft 365 and Google Workspace authentication are available for Standard and above. Finally, AD/LDAP, Azure AD and SAML 2.0 authentication are only offered for Enterprise users.
In terms of security options, Zoho Vault has a customizable password policy feature that lets admins create and save numerous password policies and set defaults for the organization.
Paid users also get access to fine-grained and role-based permissions, which allow admins to enforce rules such as restricting users from storing personal passwords or disabling access to Zoho Vault passwords from the mobile app.
Zoho Vault app experience
I used Zoho Vault’s Enterprise version on my Windows laptop, and I found the interface to be easy to use and decently designed.
Figure D
I didn’t have any trouble with storing and generating passwords, and nothing felt misplaced or hard to access within the app itself. I also appreciate how Zoho provides a quick tour of its application once you set it up.
Figure E
Zoho has a browser extension, which I recommend you download.
Figure F
It makes saving new logins and generating passwords much easier, as you can easily access it from the browser.
Zoho Vault mobile app
Zoho Vault offers mobile apps for both iOS and Android. I tried Zoho Vault on my Google Pixel 6 and found it a bit bare-bones in terms of functionality. While the password generator and storage vault are there, it doesn’t have any additional features like the password health scoring you get on the desktop app.
This is a shame since other password managers have at least one extra feature included on the mobile counterpart, like 1Password including its Watchtower password health feature or Keeper having its BreachWatch data breach scanner on the mobile app.
There are practical security features such as the option to lock the vault when you lock your device, auto-lock after a set period of time and biometrics log in.
The Zoho Vault mobile app also blacks out any screenshot by default — which is an underrated privacy feature against hackers that may steal passwords on your phone. However, I do wish Zoho provided a toggle to turn this off in the event you need to show a colleague where a password is located via screenshot.
Zoho Vault pros
- Management-focused feature set.
- AES-256 encryption.
- Extensive multi-factor authentication options.
- Free trial doesn’t require a credit card.
- 15-day free trial across all plans.
- Integrations with other business services.
- Generous free plan with unlimited passwords.
Zoho Vault cons
- Leaves some user data unencrypted.
- Free version doesn’t include data breach alerts.
- Most standout features are in paid plans.
- May not be best for individual users.
- Pricey Professional teams plan.
- Bare-bones mobile app.
Zoho Vault alternatives
If, after reviewing, you feel that Zoho Vault isn’t right for your business, I’ve listed three alternative password managers that may be better options.
Keeper
If your business regularly works with freelancers or contractors, I recommend Keeper. It comes with a convenient One-Time Share feature that allows password sharing with third parties without requiring them to create a Keeper account. On top of this, Keeper adopts a zero-knowledge architecture that ensures only Keeper users have access to data stored in their vaults.
NordPass
For fans of NordVPN, NordPass is a no-brainer. It offers the more modern XChaCha20 encryption and a sleek desktop application for a well-rounded and secure user experience. It’s also one of the few password managers that offers longer 2-year plans to get a more affordable monthly fee.
1Password
Frequent travelers should consider 1Password. It comes with a unique Travel Mode feature that lets you set passwords as “safe for travel,” hiding unselected passwords from your vault until Travel Mode is turned off. This is useful for business travelers who are worried about customs or border officials accessing their phones and leaking sensitive password data.
Is Zoho Vault worth it?
Zoho Vault is a capable password manager that’s best for enterprises and medium-sized businesses, given its management-focused feature set. In particular, its reports dashboard, auditing features and advanced access control functionality are perfect for administrators who manage larger organizations.
It also features a variety of integrations with other business services, such as Azure, Google Workspace and Okta.
While Zoho’s questionable decision to store unencrypted data is a sore spot, its 15-day free trials across all plans and high-end encryption make at least trying out its service worth the time.
Review methodology
My review of Zoho Vault involved a detailed analysis of its security features, price and real-world performance. I had hands-on experience with Zoho Vault through a 15-day free trial of its Enterprise plan.
To test Zoho Vault, I used its web application and browser extension on my Windows laptop and its mobile app on my Google Pixel 6.
I rated Zoho Vault on everything, from its password management features to its pricing, based on an internal algorithm to get a rating of 3.9 out of 5 stars. The scoring was based both on Zoho Vault on its own and in relation to other password managers in the market.