Fixing MSP Password Chaos (EP 1016)

I bring Chris Skipworth from Passpack on to talk candidly about the invoice you never want to receive, the true downstream cost of a breach when your MSP is at the center of your clients’ credential universe. Chris walks through how Passpack evolved from a consumer tool into a B2B zero knowledge password and credential manager that simplifies policies, improves accountability, and actually gets adopted by normal business users.
Let’s be honest, most of us as MSPs are still faking it when it comes to credential management, with passwords scattered across browser managers, Excel, Google Docs, old ticket notes, and that one tech who “just knows” where everything lives. In this conversation with Passpack CEO Chris Skipworth, we unpack the real mess behind password sprawl, painful offboarding, and ghost access for ex employees, and why that puts you one incident away from explaining to a client how someone walked in the digital back door. Chris explains how Passpack took a consumer focused Italian brand and rebuilt it into a B2B zero knowledge, browser based platform for teams, focused on adoption, reporting, and shared access that small and mid sized business users will actually use.
We get into how Passpack compares with familiar names like Keeper, 1Password, and LastPass, and why they chose to encrypt individual records instead of entire databases to raise the bar on security while keeping the tool simple for MSPs and SMBs. You’ll hear why they prefer working with MSPs and businesses over consumers, how they think about real time updates and accountability for “who has access to what and when,” and how aggressive, easy to understand pricing helps you roll out an enterprise level credential solution without a massive learning curve.
Chapters
- 00:33 Passwords and Breach Risks
- 02:27 MSP Credential Management
- 06:04 Business Features Unpacked
- 07:56 Sharing and Offboarding
- 11:43 Browser Logging and Setup
- 13:16 Offboarding Done Right
- 15:43 Passpack’s Acquisition Story
- 20:19 Modernizing the Platform
- 21:48 Simplicity Over Complexity
- 23:51 Global Compliance Differences
- 25:34 Passwords Aren’t Going Away
- 28:11 MFA and Passkeys Ahead
- 30:08 MSP Resources and Security
- 32:09 Henge Partnership in Japan
- 33:50 Final Takeaways
=== Guest: Christopher “Chris” Skipworth, Passpack
- Website: https://www.passpack.com
- LinkedIn: https://www.linkedin.com/in/christopher-skipworth
=== Companies / Vendors / Products / Books
- Passpack: https://www.passpack.com
- Keeper (Keeper Security): https://www.keepersecurity.com
- 1Password: https://1password.com
- LastPass: https://www.lastpass.com
=== SPONSORS:
- Livestream Partner, ThreatLocker: https://www.itbusinesspodcast.com/threatlocker
- Technology Partner, NetAlly: https://www.itbusinesspodcast.com/netally/
- Technology Partner: Bvoip: https://www.itbusinesspodcast.com/bvoip
- Travel Partner: TruGrid: https://www.itbusinesspodcast.com/trugrid
- Digital Partner, Designer Ready: http://itbusinesspodcast.com/designerready
=== SHOW MUSIC:
- Item Title: Upbeat & Fun Sports Rock Logo
- Item URL: https://elements.envato.com/upbeat-fun-sports-rock-logo-CSR3UET
- Author Username: AlexanderRufire
- Item License Code: 7X9F52DNML
=== Connect with Uncle Marv
🌐 Website: https://www.itbusinesspodcast.com/
🎙 Host: Marvin Bee
🛒 Uncle Marv’s Amazon Store (gear & tools I recommend): https://amzn.to/3EiyKoZ
☕ Support the show: https://ko-fi.com/itbusinesspodcast
If you found value in this episode, share it with another MSP, IT provider, or tech entrepreneur. Your support helps keep practical, no-nonsense IT business conversations coming every week.
[0:14] Another episode of the IT Business Podcast, a show for IT professionals, managed service providers.
[0:21] It's the show where we help you run your business better, smarter, and faster. So today, we are going to be talking about one of those things that everybody says they do it, but I think if we were honest, most IT shops and MSPs are still faking their way through password and credential management. So if you are supporting small and mid-sized businesses, you know the truth. Credentials are scattered across browser password managers. They're on Excel spreadsheets, Google Docs, old ticket notes, stickies underneath the keyboard. And there's usually one tech brain that kind of just knows where everything is. Another big point is we have offboarding issues. It's messy. Shared accounts are everywhere. and you are just one incident away from having
[1:15] to explain to a client why an ex-employee might still have access. Well, today we're going to get into that whole mess. My guest today, Christopher Chris Skipworth, who is the CEO of Passpack. They are a B2B password and credentials manager software, and they have pivoted into the SMB and the MSP space after acquiring and rebuilding what started as a consumer-focused Italian brand.
[1:49] Chris runs a zero-knowledge browser-based platform designed for teams with a big emphasis on adoption, reporting, and shared access that normal users will actually use. So, Chris, welcome to the show. Thank you, Marv. It's a pleasure to be here today. So thank you very much for taking the time, and it's a pleasure to meet you and all your clients and subscribers. So very thrilled to be here. Thanks. All right. Well, so your company is kind of new to our space, although it's not new-new, but it's new amongst us in the managed services world. So give us really quick a background on how that all came to be.
[2:33] Well yeah going back in time Passpack was really a consumer-based product as you said and really in that particular environment we were dealing with one or two small types of users really but we definitely saw the requirement to increase security for the small to medium-sized business and hence the MSP falls into that category so really and as an MSP Marv you well know that you're probably handling hundreds if not thousands of credentials and you're really at the center of your client world when you do that so you have to be trusted and you have to be able to distribute these credentials correctly to your clients they have to be updated real time and very important in this modern day and age you have to have accountability around who has access to which particular credentials and when so we saw a definite market requirement for that and it's certainly a very...
[3:30] Uh interesting growth part of the business today as we see more breaches going on in the marketplace funny enough i did a presentation in phoenix Arizona a small business conference going back.
[3:43] About three or four weeks now and it was entitled the invoice you do not want to receive and basically it talks about the cost of a breach which can occur if your information is breached and then you're and downstream of that then your client information is actually breached so, Plus the fact, we find it much more professional and better to deal with businesses and MSPs than actually consumers. They're much more in tune with what's going on around them, basically. Absolutely. Yeah, I understand the issues much better. All right. Let me ask you this question and kind of get this out of the way. So most MSPs know products like Keeper, 1Password, LastPass, some of those name brands are available.
[4:33] They resonate with us a lot because we know their names. So where does Passpack relate to those products, and where do you guys think that those products are falling short?
[4:47] Okay, that's a very good question. Well, Passpack is a very similar product to Keeper and 1Password, and by the way, they're very fine companies. We aim to actually simplify the tools for our users, make it easy for small to medium-sized businesses to actually operate a sensible security policy around credentials and how those credentials are shared.
[5:10] The security employed in Passpack with its zero-knowledge database is extremely high. Basically, we encrypt individual records rather than encrypting whole databases. Not that I want to get into a technical description, but there's definitely advantages around the way that Passpack actually secures information. And we aim to really have an enterprise level product at a very aggressive price in the marketplace which people can understand how to use and get going very quickly within their business environment so that's it in a nutshell the only people out there doing it but we aim to be one of the best people out there supplying this type of service absolutely all right well let me ask the next question that i think people would want to know the answer to is we described this as taking a consumer-based product and turning it into a product that works with, small businesses, managed service providers. So tell me how that works. How do you take a consumer product and turn it into something that MSPs will want to use? Right. Well, basically, actually, in fairness, Passpack, when it was first introduced, was really tailored at both the consumer and the business, really. So it wasn't purely a consumer product.
[6:29] Consumers adopted it because, and I hate to say this, essentially it had a free of charge level plan, which everybody adopted. But really, within that mix of customers, we had a lot of serious customers which are still using Passpack today. So what we did was take the business features of the original pass pack and basically we've actually enhanced them we've got a two-tier plan we've got an introductory low-cost plan which gives you the basic functionality and then we have a higher level business plan which gives you things like single sign-on multi-admin and detailed reporting and that list goes on the idea being is the strategy being is that we build out the business plan to incorporate more features and offer it at a very attractive price in the marketplace against our competition. So we still have single users and single users can certainly sign up, especially if they're using or have a long list of passwords, like several hundred passwords they want to organize and keep safe away from their browser password manager. But our core focus is really moving up to the small to medium-sized business with the business plan within Passpack and offering more features at a very competitive pricing point.
[7:44] Okay, so you talked about some of the features that we would look forward to, the multi-tenant, and is it true that you can manage all of the passwords, including, you know, those in 365, Active Directory, users, browsers, all of that, and we can grab everything? Well, we can actually grab a password, certainly from browser passwords managers. We can certainly integrate with Active Directory in Microsoft and Google. We are introducing Okta support later in the year. So there's those advanced features. So basically, once the passwords are actually into Passpack or the credentials are registered with Passpack, it's a very secure environment. It's very easy to set up your connections to your team members by sending a quick email invite or you can do a bulk provisioning of external members and then from there you set up the teams and you share the passwords into your specific teams of people and what that does really is ensures that the teams of peoples you have say your finance division or your business or your marketing division only have the credentials which they need to operate the functionality which they're actually responsible for.
[8:59] The other side of that, of course, is you can actually log what the users are doing real-time in terms of when they're logging in. So you can generate an audit trail of user activity, um it also becomes very easy to actually off-board a team member in that type of environment and as you mentioned in your introduction which was very good by the way um off-boarding is one of the most common ways a company gets breached basically right especially i was talking to a legal company last week and they say well we have an issue we have lots of uh of uh basically subcontractors or paralegals that come in they need temporary access to a particular set of resources we give them access, then they leave, but nobody thinks to actually remove them from the organization. So they still have access when they leave. And if that's not managed correctly, it's a very easy way for a small business to get breached.
[9:55] Well, I mean, that certainly is a big thing. I know that I work with clients sometimes and they want to leave an account active so that somebody else in the organization can access their emails and all of that stuff. And, you know, we've put things in place where we're like, no, we're not going to do it. We're going to, you know, we'll turn it into a shared mailbox. We'll give you some other access, but we're not going to keep those passwords active. The other part of that is sometimes we don't know all the things that the users have signed up for with their email address, their work email address. Right. Yeah. Figured out a way to kind of go in and help with that I.
[10:37] Well, actually, yeah, I mean, basically when a user signs up, I mean, the users could sign up for a lot of services. And actually, if they're signing up with a business email address, it can certainly be a problem, right? Absolutely. Because, you know, you've got services which you didn't realize you're actually registered for. In terms of monitoring what those passwords are, that's a bit more tricky for us to do because we have to have access to physically what they've done. Right. But we make it very easy, especially with the Passpack browser extension, which just loads into your browser. When you register for a particular service, what it does is log the actual credentials for that particular service and automatically records what those logging credentials are within the Passpack environment. So there is actually a physical record kept centrally within the organization. I don't think anybody's really got a good solution for when somebody decides to sign up for an account using a particular email address outside of a particular environment, right? It's a very tricky thing to actually monitor.
[11:41] Unless you've got access to that person's email, then you can see what they're actually doing.
[11:45] But, of course, that has its own particular security issues around it as well. So, yeah. Now, does this require an agent to be installed on these stations so that it can be running, you know, when the users log in, when they go to their browser, so that if they do sign up for something on a website, it will prompt to say, save this and things like that. Is it an agent? Is it a service? How does that work? You know, it's actually a service. So basically, it's a cloud-based service. There's nothing to actually install on your PC other than the browser extension I just mentioned, really. So typically, what would happen with Passpack is the central administrator would set up the main Passpack account, load the organization's passwords into that particular account, and then invite the team members to join and then populate those team member accounts with the passwords required.
[12:35] And the browser extension would actually help the actual user log in easily and effectively fits in with the workflow helps productivity as i say also if the team member decides to actually create a password it actually logs those credentials and puts them within the pass pack account basically so um the and the admin does have access to team member accounts there's a there's a mechanism where the admin has visibility to all passwords within the organization, basically. So nothing is kept away from the admin, um, which of course in the event of somebody leaving an organization can be a particular issue so yeah, right now you talked about off-boarding and i brought it up because i knew that that was a big thing for you um let's start with what have you noticed that are some of the uh more notorious ways that we screw up off-boarding well basically uh it's fairly straightforward really basically with off-boarding uh you know it starts off from a level of trust you know a particular employee you want them to have access to particular services and applications within the organization so you actually share them passwords um.
[13:52] What tends to happen is that when that employee leaves, their privileges aren't revoked in that process. With Passpack, you can easily revoke their privileges. The most important thing to remember, just revoking the privileges doesn't necessarily mean they've stopped having access. You certainly have to rotate the passwords that that particular person had access to, basically change the password. So the old login credentials they had are non-active.
[14:21] Um so anyway so it's a two-step process first remove the person from the organization secondly update the passwords which that person had access to so they're not uh they're not active anymore and within Passpack we have this team structure where the other team members will automatically be updated with the new password and the old person would be removed from the organization so um so anyway i simply put off boarding but the most simple i mean the most common way a company is breached or one of the most common ways is this off-boarding issue where people forget that a person had access and it may be an old app that somebody had access to or there may be some legacy issues around this person that this person had access to services which they shouldn't necessarily have. It's especially critical if a person is leaving either is leaving under bad terms with the company or is leaving to go to a competitive company, which happens pretty much all the time, especially as we're in this particular economy where we seem to have quite a few layoffs going on and people changing jobs. So the offboarding issue does become a bigger one for organizations. Absolutely.
[15:31] All right. Now, let's kind of go back. And I know that we talked about you guys, you know, retooling this, getting into the managed services space. Passpack, now, did you join in 2012 or did the company start in 2012? Well actually two well actually 2012 was when we acquired the company out of Italy okay and i basically was the uh at that point i was an investor in the company i came the CEO just a little bit later on after that point basically so yeah okay um so yeah going back in time that's a that's a while back uh we certainly had uh it's one of these things that with very large um software systems it looks relatively straightforward to do but when you get into the mechanics of doing software, it can be quite complicated. So it took a little bit longer than we thought to actually get into the marketplace. But here we are.
[16:31] Okay, so when it came to making this something that, you know, a managed service provider would like, I imagine you went through a period where you, you know, rolled this out to a few, got some thoughts and feedback and stuff. What were some of the things that really stuck out in the early days? Well, certainly. Well, just going back to my bit of background, I've also run like an MSP company in my time, Marv. So I understand the issues of dealing with different vendors and lots of different clients. So really, the MSP fit for Passpack was somewhat of a straightforward, well, a more straightforward migration, basically. Okay. But I think the biggest thing about as an MSP, as I was in that type of business, was keeping client confidential, keeping client credentials confidential and keeping them separate from each other. So you've got to have clear boundaries and clear segregation of how these credentials are used, how they use their traceability. And to make sure that one particular access credential is not shared between the two clients, which could obviously have a big competitive impact on the MSP's business and also the client's business as well. So some of the basic things anyway around that. The other side of it is compliance is becoming much more of an issue.
[17:52] And certainly MSPs have to be compliant. um they need to um what's the word promote the security they have internally to their end clients it's a selling feature for MSP used to say how we handle our client data why is it secure with us why can you trust us you know all these all these basic business arguments which a client would actually really want to uh want to know before doing business with a particular MSP.
[18:21] So again another avenue client security is an asset i think is something which should be promoted by, by people doing business with their end clients it's uh it's an important uh it's an important feature to actually promote and in some states and countries it's becoming a requirement before you can do business with certain types of clients as well absolutely right uh so pass uh pass pack uh if i remember correctly that uh started in the credit card space is that correct well actually no that was a different company that's how i originally i was in i was in the payments industry a little bit um gotcha uh all the all the company was and uh the password manager was a subset of that and basically regulation changed in the credit card business and um.
[19:10] We had password management as a subset of that particular product, and that's really what led us into the password management space. And then we were able to acquire Passpack, and then we moved into the SMB space with Passpack. So that's just a very quick synopsis of the process. Of the migration of Passpack, really. Around all that, though, very heavy levels of encryption. We have some very, very good, qualified encryption engineers with us, very security minded. So it's, yeah, so all of it plays into somewhat of the same type of solution, the zero-knowledge type of solution where data has to be protected to the highest degree. Right. Okay, so, all right, got my histories a little mixed up there. I knew I was digging around with... No, it's okay. There is a history here, certainly, Marvin. Yeah, absolutely.
[20:08] When you acquired Passpack, was there anything that you had to strip away, like stuff that didn't work, didn't scale, that sort of thing? Well, it wasn't so much that it didn't work. The scalability was potentially an issue with Passpack, but basically the main issue was that the UI was very old, the user interface very old, and the feature set wasn't there for a modern-day user. If you look at the latest version of Pass Pack, it's a very modern UI, UX experience. We have all the features required of a modern-day solution. But with the old Pass Pack, yes, it was old and it looked a bit like a very early version of Windows. Somebody described it once, you know, with the clunky icons and only about three colors on the screen. It had green, gray, and white, I think it had. So we've brought the whole UI UX experience fully up to date with Passpack for the business world.
[21:04] But the fundamental technology of Passpack was very sound. I want to make that clear. Basically, it was the encryption levels and the way data was actually stored was to the highest standard. And it had some very good engineers from the original Passpack who actually did that design. Right. So you didn't have to rebuild it from scratch. No, we didn't. But we did get a very good brand name. It's a pass pack was branded within Europe initially. And yeah, it still has a very good following in many quarters. So, yeah, absolutely.
[21:38] All right. I saw a post on your LinkedIn. I can't remember how long ago it was, but, you know, It was talking about how sometimes we make security tools a little too complex. Of course, we know that a lot of them are expensive or too disruptive.
[21:57] You talk about that. Do you remember that post? I do remember that post. It sort of plays again into the presentation I did in Arizona, where really I had a room full of small business users I was presenting to. So one of the things is with security, there's probably five or six, seven basic steps you want to take to make sure your business is more secure. You know, things like making strong passwords, making sure you've got multi-factor authentication installed, making sure as to your excellent introduction, you don't have sticky notes on the side of the PC or spreadsheets, you know, hanging around with passwords on. The big part of that is making sure that all your users in the organization are actually using the tools that you provide. A lot of times, if they're not easy to use, your users in the organization will not use them. They'll see them more as a barrier to use. So that's one of the main goals behind Passpack is to make sure the tool is user-friendly, easy to set up, and easy to actually work with in a business environment. And we have all levels of users within Passpack. We have the very experienced IT managers, CTOs, right down to the person that has never really used online security before so we have to make Passpack um.
[23:12] Very easy to use and very straightforward. It's always the trade-off, the most common trade-off is convenience versus security, right? The more convenient a particular solution is, the less secure it typically is. And so in there, there's actually a balance that needs to be struck, absolutely. So we want to supply all the basic tools that a small business needs simply at a very competitive price, by the way, as well, at a very aggressive price.
[23:39] All right uh and uh pass pack was uh born out of Italy right well that's where the visual designers were but its main focus was always the USA in fact uh you know pass pack uh really didn't support any other languages for a long time other than actually English so it's uh yeah but uh it now supports multi-language uh so it was uh and we are we've actually just opened up some European infrastructure to actually support our European customers as well.
[24:09] So Roger, we want to make it a true international product, basically, which everybody can use. So, yeah. Yeah, that scratches the question I was going to ask because I wanted to know if there was a difference in the way that, you know, other countries looked at password security versus the US. Well, I think if you actually went around Europe, I mean, there's certainly more, stringent rules around compliance within Europe of how a customer data is actually held and also the legal ramifications for getting breached are stronger depending on the country you go into in Europe basically. And we're starting to see some of that here in the US. California is probably the leader in terms of data compliances and penalties when data is actually breached, but I'm sure other states will follow suit along those lines depending where you are in the US. I mean, one of the main sort of hacks or features, supply chains are very vulnerable to being hacked, basically, because if a person hacks the top of the supply chain, then they get access to all the downstream customers, right? So there's lots of regulation and compliance around doing business with supply chain providers and customers, really, especially in the European marketplace.
[25:22] All right. So having said that, do you see any difference in what's coming down the line for passwords, credential management, identity security? Any insight there?
[25:39] What's coming down the line for passwords is actually very interesting. I mean, I think we've all been waiting for the password to be replaced by something. Uh it never seems to and that's a good reason for that an it's well understood by all users and that goes down to the um to the understanding all users have of passwords it's ubiquitous in the in the marketplace it's easy to understand it's very easy to implement it has a low cost associated with it certainly have things like pass keys which have their place in the business absolutely um within an organization one of password Passpack's um big benefits is that it securely shares passwords and that's a big issue it's very you still need a credential which you can share between your employees for them to gain access to particular resources and one that can be controlled updated and changed easily so but i think you're probably going to see more exotic forms of uh.
[26:37] Of authentication maybe as uh as things go i mean the other side of this business is that breaches are becoming more significant thanks to ai you're seeing more breaches um occur because weak passwords can be hacked easily by ai some people are foolish enough to go into their ai model and ask it to generate strong password then of course it's in the it's in the ai learning model um so yeah so you want to be very careful in this day of ai um generating a strong long password is uh is one of the best security things which you can do for your own personal data and for your business absolutely um is anything going to replace the password i don't see it on the.
[27:24] For general replacement, but there are certainly applications out there which will do various things. Various markets will find various authentication methods outside of the password. The interesting thing is if that authentication method actually fails, then the backup tends to be a password. So as always, if for instance a more glamorous biometric method of logging in fails and the backup behind that tends to be a password or a string of numbers or something you know so passwords probably aren't going anywhere really anytime soon well i know that you talked about you're looking at integration with okta uh and everybody is trying to add on as much authentication as possible whether it's you know one-time passwords or you know the apps that, you know, will sync up with your security and stuff.
[28:21] The authenticators, biometrics, all of that stuff. So how do you see where Passpack will integrate with all those authenticators? Well, basically, I mean, well, and we haven't really touched on it, but MFA is a big thing that a business needs to do to protect its information. It's one of the most simplest basic things, and we all know we all should be using MFA, basically. Within Passpack, in fact, it's rolling out within the next week is we are going to support one-time passwords which enable the user to generate a unique code alongside a particular password to give an extra level of authentication alongside that. And We're looking at passkeys and how to implement and do something with passkeys basically within the actual login environment. Passkeys are obviously inherently designed not to be shared, so for the business environment it makes it a little bit more challenging, but they do have their uses in certain applications. In terms of authentication, basically there's.
[29:26] More elaborate MFAs which scan various parameters of a person to make sure it's really them who's trying to log in. So that business continues to grow, but we always come back to some of the fundamentals in this business. And again, we go back to this issue of we want to make it easy for the straightforward person to use within a business environment, making things more complicated and really cuts down on this convenience versus security issue, which we discussed earlier.
[29:56] Right. So I just pulled up your website and for the listeners of the show, of course, the links will be in the show notes, but passpack.com and you've got your information there. One of the things that I want to commend you on is you've got your, not only do you have your prices there on the website, but you've got a 28-day free trial, which is a lot better than 14 that I see from most people. Absolutely, yeah. And uh the other thing I d like to say about past fact is we pride ourselves on being flexible we are, um always looking for various integrations we're not octa's obviously a big one an obvious one but we are looking for integrations with other partners in the security space we want to differentiate ourselves in the marketplace against our competitors obviously so yeah and we have a very flexible engineering team. So we are definitely looking for partnerships as we go forward.
[30:57] All right. And then basically for those of you that are looking for using this for clients, if you click on Y-Pass Pack, it'll have the MSP and the channel partners page. So you can see the capabilities there and contact the partner team for all of that. So very nice. And there's actually a specific MSP page there as well for MSPs to actually go. There's a specific set of resources there. and we're happy to actually have discussions with MSPs who are interested in actually working with Passpack. So, absolutely. The other thing we like to stress is the security of Passpack is very high. We're fully SOC 2 compliant and we meet a number of standards around SOC 2 as well. So, yeah, you can be confident that the data that goes into Passpack stays in Passpack and obviously zero knowledge. Nobody gets to see your data apart from the people that should, the users of the account, which is the important point to stress.
[31:57] Okay. Here's a question that I did not prep you for, but I noticed in my last set of research that late 2025 you partnered with a company called Henge.
[32:10] Yeah, it's actually not quite how it's pronounced, it's called Henge, which is a big Japanese multinational it's the biggest uh provider in Japan of identity management software so basically henge is actually we're working with them our development teams are basically joined and henge are actually integrating pass pack into their suite of software for promotion in Japan okay and yeah so uh it's a very big significant deal for pass pack absolutely um and within this mix of customers. There are customers that have thousands of users within their businesses. So it's a good demonstration of how Passpack can scale from a very small set of users to a very large set of users. So it's definitely a solution that can grow with your business. So, yeah. And that Henge product is scheduled for release in the October timeframe, basically, in Japan. So, yeah. Okay. Yeah, I just noticed that because, I mean, they talked about the fact that Henge focuses on cloud security identity services. They're going to combine that with your cloud-based password and credential management platform. So that's a pretty big score. It's a very big deal for Passpack, absolutely. And we would like to get some other partnerships like that going as well. Absolutely. So, yeah. Okay.
[33:38] So is there anything that I maybe didn't think to ask you that you would want listeners to know about? I think we've actually covered a lot, Marv. So thank you very much for the time, by the way. Just basically, yeah, we love to work with sales partners and MSPs. And we're here to listen. And we're here to support their business requirements, basically. So again, we're a very flexible company.
[34:03] I think the issue of password management, as you say, certainly isn't going away. The regulations around password management or, say, client data is only going to get tougher and stronger as time goes on. And as my Arizona presentation said, it certainly is a small business. You do not want to get that very large, unexpected invoice because you've been breached, especially when the breach was very easy to actually avoid by taking some very simple security measures within your organization. And if anybody's actually free to contact me, by the way, please feel free to contact Passpack. I'm very happy to talk with customers and MSPs anytime. Absolutely. All right. And one last thing is I noticed a couple of hours ago you threw a note on LinkedIn promoting that we would be recording today. And you threw a little poll up there. So it'd be interesting. I'll have to follow it and see what responses people get. I've got this very great lady, Danielle, that works for us. And she's actually the one person I think that actually really understands LinkedIn and what to do with it.
[35:07] I'll probably put a link to that post in there so you guys can answer the question. As a managed service provider, what is your biggest challenge in password management? And it's a multiple choice poll there. So go there. I've done that as well. Absolutely. Yeah. And I think, as I say, I mean, just going back to challenges within an organization, yes, you can supply the tools in an organization, but you have to make sure people are using the tools within the organization. And you have to make sure you have the policies in place. For instance, when somebody leaves an organization, what do you do to make sure the potential breach is actually closed within a company? Absolutely. So, yeah. All right. Very good. Well, Chris, thank you very much for coming on the show and helping us understand a little bit more about passwords and credentials. And I like the off-boarding approach. That's something that Yeah, and especially in this day of age where more companies are relying much more on subcontractors and people that tend to move between clients very easily, it's certainly becoming a bigger issue. Absolutely. It's very important. So, yeah.
[36:17] Well, thank you, Marv. It's been a pleasure. Thank you. Thank you, folks. Chris Stripworth with Passpack.com. If you're still juggling passwords in browsers, spreadsheets, or you need to help your customers do that and stop using the sticky notes, this is obviously the time to fix that. So take something you've heard today and put it into use. And, of course, check out Passpack and look at the resources that he's got there. Everything will be in the show notes.
[36:47] And if you got value from this episode, of course, share it with another MSP who needs to hear it. That's going to do it, folks. Thank you all for tuning in. And until next time, Holla!

CEO
Chris Skipworth is the CEO of Passpack, a zero‑knowledge password and credentials manager built for small and mid‑sized businesses and the MSPs that support them. After acquiring an early consumer-focused password tool originally developed in Italy, Chris led Passpack’s pivot into a business‑first platform with features like advanced reporting, multi‑tenant management, Active Directory and SCIM integration, and a newly launched MSP program.
Working from the US, he focuses on helping providers replace scattered browser passwords and spreadsheets with auditable, shareable credential workflows that real users will actually adopt. When he’s not working with MSP partners or enterprise customers like HENNGE in Japan, Chris spends his time advocating for practical, real‑world security habits that fit how SMBs really operate, not just how policies say they should.






















































