Stop Using Excel for Passwords. Do This Instead
“We keep all passwords in a spreadsheet on the shared drive.”
If that’s you, you have 3 problems: Anyone can open it. No audit log. When someone leaves, they still have the file.
Here’s how to fix it in 15 minutes with a free tool.
Why Excel Is a Disaster
- No encryption: If the laptop gets stolen, attacker has every password in plain text
- No access control: “Read only” doesn’t stop copy-paste
- No audit trail: Who viewed the banking password last Tuesday? Nobody knows
- Staff leavers: Ex-employee still has `Passwords.xlsx` on their personal laptop
- POPIA violation: Storing customer login details in Excel = no access control = fine risk
The Fix: Use a Password Manager [Free for Teams Under 10]
Password managers encrypt everything. Staff only see passwords you share with them. When they leave, revoke access in 1 click.
| Feature | Excel | Bitwarden Teams |
|---|---|---|
| Encryption | ❌ None | ✅ AES-256, zero-knowledge |
| Share with staff | ❌ All or nothing | ✅ Per-password permissions |
| Offboard staff | ❌ Hope they delete it | ✅ Revoke instantly |
| Audit log | ❌ None | ✅ Who viewed what, when |
| MFA | ❌ No | ✅ Enforced for vault access |
| Cost | Free | Free up to 2 users, R60/user/mo after |
15-Minute Setup Guide [Bitwarden Example]
1 Create Organization Vault
Go to bitwarden.com > Create Account > Choose "Organizations" > Free plan. This is your company vault.
2 Import From Excel [One Last Time]
Export Excel as CSV. In Bitwarden: Tools > Import > Select "CSV". Map columns: Name, Login, Password, URL. Delete the Excel file after.
3 Create Collections
Group passwords: "Finance", "Social Media", "Client Portals". This lets you share "Finance" with accounts team only.
4 Invite Staff + Enable MFA
Manage > Users > Invite. Set policy: Require MFA for all members. They install Bitwarden app + browser extension.
5 Offboarding Rule
When staff leave: Manage > Users > Remove. Their access dies immediately. Run "Access Report" to confirm they can't see anything.
What About 1Password?
Also excellent. Slightly better UI, costs R75/user/mo. Bitwarden is open-source and cheaper. Both work.
Don't use: LastPass — had multiple breaches. Keeper — expensive. Browser built-in — no sharing/offboarding.
3 Policies to Enforce Day 1
- No passwords in email/Slack/Teams: Share via Bitwarden "Send" feature with expiry
- Unique passwords only: Bitwarden generator > 16 chars. No "Company2024!" reuse
- MFA everywhere: Vault + Microsoft 365 + Banking. Use Authenticator app, not SMS
Want Us to Set This Up For You?
We migrate your Excel, configure collections, train staff, and document offboarding. Included in R300/user/mo Managed IT.
See Managed IT PlansStill using Excel? Book the R950 Health Check — we check for `Passwords.xlsx` on your shared drive as part of the 23-point audit. If we find it, we’ll help you migrate for free.