We use multiple online services every day, and using the same password for all of them is a terrible idea. If someone receives your password from one platform, they will be able to access your accounts on all others. If you use a unique, strong, and complex password for each of your online accounts, you won’t be able to remember all of them. To remember all of your logins and passwords, you must have a super memory.
Some people use ridiculously simple passwords such as “password” and “123456” to make them easy to remember. They are extremely vulnerable to hacking. Another quite popular approach — people store the passwords in plain text documents in an open form, even if they are quite complex.
These pieces of software generate strong passwords for you, store them in encrypted storage, and automatically insert them when you visit a site that requires login information. Most platforms are able to synchronize the data between multiple devices so you can use the same passwords on your computer, smartphone, or tablet.
The only thing you have to remember is the master password to access the storage. Of course, there is a risk that hackers gain access to your master password, compromising all your passwords and accounts. However, it is much easier to remember one password instead of several dozens.
Most password managers use multi-factor authentication to ensure that only you can access your password store. You must enter both a master password and an authentication code. The code will only appear on your trusted devices.
In the review, we are going to look closer on what a password manager is, the available types of the service, as well as some advice on how to select the most appropriate one. Also, we will provide a quick overview of the top 7 password managers available in the market.
What is a password manager?
Even if your password is 20 characters long, it has characters, numbers, and letters of different registers — it does not guarantee the security of your account. Cybersecurity experts do not recommend using the same password on multiple sites. But no one can remember unique passwords for a considerable number of sites. How to make life easier? The password manager will help you.
Imagine that all your passwords are written down in a book and locked with a key that only you have. If you transfer this analogy to the IT sphere, the book is a program, and the key is a master password — a password for all passwords.
Some people think that this is not secure. What if someone gets this “most important password”? It is quite understandable fear. But if you choose a secure master password that you have never used before, you can protect your accounts from unauthorized access.
Password managers help you create secure, unique passwords when you sign up for web sites and store them on your servers. To access the resource or the application, you can copy the password from the manager and paste it into the appropriate field. Often these programs allow you to not only remember but also to enter the password on the site automatically.
So, why should you use the password manager?
- Passwords are always stolen. Sites and services can be hacked at any time, and you can become a victim of phishing. Companies must hash their passwords every time a user enters them, but not everyone uses reliable and up-to-date algorithms. And some companies don’t bother with hashing at all. This attitude to security is a great loophole for hackers. At the same time, the longer and more complex the password is — a combination of upper and lower case letters, numbers and symbols — the more time it will take to crack it.
- You need to keep a lot of passwords in mind: from social media accounts, payment systems, email, services, and applications. It’s easier to use one password for everyone. It makes life easier not only for you but also for hackers. They take the password from a compromised site and try to login to accounts on other services. The manager allows you to create a more secure and unique passwords for each site. You don’t have to worry about forgetting them.
- If you like to work in a cafe, nothing prevents the waiter or another visitor from seeing your password when you log in. With the manager, in many cases, you can work without entering the passwords at all.
Now, let’s review some of the best password managers available in the market.
Supported platforms: Web, Android, iOS, macOS, Windows, Linux.
Pricing: Free (50 passwords on 1 device), Premium (without limits) — $3.33/mo.
Dashlane Password Manager is a tool for creating, storing, changing, and entering logins and passwords from various Internet accounts automatically. It allows to store personal and banking information, notes with any other information and copies of online payment receipts. The service is available on Windows, macOS, Android, iOS, and Linux. An extension for Chrome, Internet Explorer, Safari, and Opera can be used to quickly open websites and automatically log in to your saved account.
Dashlane offers three different types of subscriptions. Free is used on a single device, Premium for unlimited password storage on all devices and advanced features such as Darknet and VPN monitoring, and Premium Plus with advanced options for US users. The last plan is not available in all countries.
How secure is Dashlane? The developers are trying to make their service as safe as possible. Unlike many other cloud-based password managers, Dashlane has never been exposed to user data leaks.
All passwords are encrypted locally on the user’s device. A master password is used for encryption, which never leaves the user’s device, and one of the encryption methods is Argon2d, PBKDF2 10,204 or PBKDF2 200,000. The default encryption method is PBKDF2 10,204.
Also, you can use two-factor authentication, Windows Hello authentication, or physical U2F key. On smartphones, you can protect your smartphone with a pin code, fingerprints, or face recognition.
- Improved password management. Password Health analyzes password strength in real-time and helps you identify accounts that need attention. Available tools will help you quickly improve password security.
- Secure File Storage. Premium subscribers receive 1 gigabyte of encrypted cloud storage for quick access to sensitive files.
- Secure transmission. Users can securely share their credentials with friends, family or colleagues without revealing their passwords.
- VPN for Wi-Fi protection. Premium users can now protect their Internet connection with a Dashlane VPN, which protects personal data on unreliable public networks. There are no limits to the number of devices or traffic volume.
- Identity Dashboard. The new control panel is the center of your digital profile security. It gives you a clearer understanding of what needs to be improved and offers specific actions to improve your security.
- Dark Web Monitoring. Premium users can monitor up to 5 email accounts to receive alerts when leaks are detected in the Darknet. The service scans more than 32 billion hacks and leaks records.
- Improved password change tool. In case of a cracked password, users can use the built-in tool to update and protect affected passwords on more than 500 sites in one click.
We don't like:
Supported platforms: Web, Mac, Windows, Linux, Chrome, Firefox, Safari, Internet Explorer, Opera, Microsoft Edge, Android, iOS, Windows Mobile.
Pricing: a limited free version, Premium — $2/mo for 1 user, Families — $4/mo for up to 6 users.
LastPass is an online service that provides secure storage of passwords, notes, profiles in online stores, and documents. It allows you to fill in the entering forms, payment automatically, and delivery on various sites, generate new keys and exchange data in encrypted form. The service positions itself as an extension for most Windows, macOS, and Linux browsers, standalone Mac OS app, as well as mobile applications for iOS, Android, Windows Phone and Firefox OS.
Passwords in LastPass manager are protected by a master password and encrypted locally and synchronized between different web browsers. The program includes Forms Auto Filler, which automates the entry of passwords and filling in various forms when registering on websites. The plugin allows you to easily create an account and import existing passwords from popular password managers and web browsers.
LastPass Password Manager allows you to securely exchange passwords, login to the site in one click, and access data from any computer via your LastPass.com account. Passwords are secured by checking their reliability, protecting them from keyloggers and phishing attacks, and restricting access to the account.
- A free version of LastPass
- The free version allows using all the important functions for free on any number of devices. Synchronization is available between Windows or Mac OS computers, Linux, mobile devices on iOS, Android or Windows Mobile.
- Premium Features
- Multi-factor authentication with USB flash drives.
- Multi-factor authentication using YubiKey, Sesame.
- LastPass for Windows applications.
- Use LastPass without installing the plugin (IE Anywhere).
- Improved password exchange — Premium users receive 1 shared folder where they can share data with relatives and friends (up to 5 people).
- No advertising.
- Quick email or emergency phone support.
We don't like:
Supported platforms: macOS, iOS, Windows, Android, Linux, Command-Line, Chrome OS, Google Chrome, Microsoft Edge, Opera, Firefox, Safari, as well as 1Password X — autonomous browser extensions without desktop application.
Pricing: individual plan for $2.99/mo and family plan for $4.99/mo for up to 5 users.
The developer of the program is AgileBits Inc. 1Password software is one of the most popular at the moment. As with other services, to access your data storage, you will require to know a single master password. AES-256 encryption protects sensitive information anytime and anywhere.
1Password works on the Amazon Web Services platform, the largest and most secure international provider. In addition to high flexibility and availability, Amazon Web Services also allows using the Key Management Service hardware security modules to tighten Secure Remote Password Protocol validation further.
1Password, like most other platforms, is cross-platform and can be integrated:
- as a web browser extension for Chrome, Safari, Opera, Mozilla Firefox, Microsoft Edge;
- as a standalone computer app for Linux, Windows, and macOS;
- as an application on your iOS (iPhone, iPad, Apple Watch) and Android device.
The password repository can be stored locally, or in the cloud, so you can create passwords, log in to websites, fill in bank card details, and access your online accounts with a single click. On your mobile device — with a fingerprint or PIN code.
1Password is the first and probably the only password manager that uses the WebCrypto (Web Cryptography API) standard recommended by the World Wide Web Consortium (W3C). The tool enhances security by providing direct access to hashing, signature generation, encryption, and decryption without the need to access source data.
1Password has a great intuitive software interface, and the company is ready to reward the users who will find any bugs, errors and other technical and security failures.
We don't like:
Supported platforms: Windows is the only officially supported platform. There are also unofficial ports for Mac OS, Android, iOS, Windows Phone, Windows Tablet, Pocket PC, BlackBerry, Chromebook, J2ME, Palm OS, Command Line, Linux, browsers, and web servers.
Pricing: free and open source.
KeePass Password Safe is a free open source password manager. The application helps you manage multiple passwords and protect them from theft. You will be able to store all your data in one database, which is closed with one master key or special file.
After entering the master password, KeePass analyzes its quality. The app even searches for known bad passwords, repetitive sequences, pseudo-language elements, etc. If KeePass considers your master password is strong, it is strong! The main thing is to make sure that you can remember it.
Adding another authentication factor is available by saving the key file on a USB flash drive, which will greatly enhance the security of your account. A hacker who steals the master password will not be able to open the database unless he can physically steal the flash drive from your pocket. KeePass can create a key file itself, but can also accept any file specified by the user. There is an option to authenticate with the key provider plugin.
The third option available is Windows account authentication, which at first glance, seems very simple. The fact that you are using a Windows account means that you have physical access to the computer and you know the password for the account. Changing the Windows password does not affect KeePass. The problem is that in the case of system failure, the user will have to perform a full OS recovery from the backup. Creating an account with the same name again will not work.
You can configure KeePass to display an authorization screen on a secure desktop-like the Account Control prompt window. The purpose of a secure desktop is to prevent keyloggers from capturing the master password, a security measure that is effective against most keyloggers.
Besides, KeePass Password Safe is completely free and distributed as open-source software (OSI certification).
- Improved security system (AES encryption algorithms, SHA-256, password protection, database hacking protection).
- Portable (does not require installation), supports various operating systems (Windows, Linux, Mac OS X).
- Efficient organization system (time field tags, applications in the form of files).
- Supports various methods of data exchange (clipboard, drag and drop, plugin support).
- Powerful password generator.
- Multilingualism (support for more than 40 languages).
We don't like:
Supported platforms: Android, iOS, macOS, Windows, Linux, Chrome OS, Google Chrome, Mozilla Firefox, Opera, Safari, Microsoft Edge.
Pricing: Limited free version, individual plan for $23.88/year, and family plan for $47.75 for up to 5 users.
RoboForm is a password manager that allows you to store online or locally website accounts, bookmarks, and other information in a secure location. The app automatically remembers the data you enter and then allows you to log in to your sites in a few clicks. The utility has a hierarchical structure of data storage and internal search system.
During the installation, in additional options, you can choose which browsers RoboForm will integrate into Google Chrome, Mozilla Firefox, Opera, Internet Explorer — and decide whether to save and fill out forms. It is possible to import data from other similar programs, browsers and CSV files, which is convenient when you start working.
To fill in various online forms quickly, you need to input some basic information about yourself in the “Person” section. The application is ready to learn almost everything about you: passport data, IDs, bank cards, bank accounts, car data, and much more.
The application also has the “Set backup contact” feature — you can specify an email address, whose owner will have access to your account. All data is encrypted with AES256 algorithm using PBKDF2 SHA256.
Also, you can add a new item by going to the website and entering your username (login) and password. The extension in your web browser automatically recognizes the password entry field and suggests saving it to the database.
You are also able to use RoboForm to store bookmarks and access them via the toolbar. When you save your account data, you can open the website and automatically enter your password to log in just in one click. It will help to avoid the necessity to enter the data and access your favorite websites more quickly.
- RoboForm Everywhere. A very useful feature of RoboForm is the online storage of your sensitive data. The option allows to access the registration data from any computer and even from mobile devices — Android and iOS-based smartphones and tablets. To do this, you need to subscribe to RoboForm Everywhere.
- RoboForm2Go for Windows. The portable version of RoboForm2Go for Windows stores logins on your USB flash drive and does not require installation on your computer. Plug in the flash drive to any computer and enjoy all the features of RoboForm. If you spend a lot of time online and regularly fill out the same data on various websites, this program can help you save time and increase your productivity.
We don't like:
Supported platforms: Windows, Mac, Linux, Android, iOS, Chrome, Firefox, Opera, Edge, Safari, Internet Explorer.
Pricing: free version (just one device), personal — $2.50/mo, family — $5.00/mo, business — $2.50/mo per user, enterprise — $3.75/mo per user.
Keeper is a password manager and digital repository. It is designed for encrypted storage and automatic entry of logins, passwords, bank card details, and other personal data, which are required to access various sites. The service is presented in the form of extensions for most desktop browsers and mobile applications for iOS, Android, Windows Phone and BlackBerry. The interface of applications for Windows, macOS, and Linux repeats the online version and requires an Internet connection.
- There is no need to remember everything — it is not difficult to remember a password if you visit one or two sites, but when you use several dozens of them — the task becomes much more complicated. Keeper stores the passwords in your storage and allows you to manage them.
- Build strong and unique protection — the more complex and secure your password is, the higher the level of security. Keeper has a built-in password generator that generates high-security code combinations and can also analyze the quality of passwords you created.
- Use your fingerprint — to access the storage, website or application without entering passwords with Keeper, you can use biometric authentication such as a fingerprint scanner.
- Store any important data — in today’s world, passwords are not the only thing we value, so there’s a protection for your documents, files and graphic content (photos and videos).
- Personal and payment data — keep bank card details secure and fill in forms automatically when making purchases or paying for services.
- Two-Factor Authentication — an additional layer of security for accessing websites and applications.
- Possibility of physical key application —there is a hardware protection key, for example, YubiKey, for multi-factor authentication.
- Cross-platform and flexible — Keeper supports any modern smartphone, tablet or computer. Your records are synchronized automatically, across all devices, with full online and offline access.
- Emergency access — appoint up to 5 trusted persons who will be able to access the storage in case of death or other unforeseen circumstances. Specify the period of time after which they will be able to access the storage database.
- Record History — if necessary, save and restore previous versions of records at any time.
- Choose a storage location — Keeper has many storage centers in North America and Europe. Users have the option of selecting the desired region to store their encrypted data.
- Information security — Keeper takes great care in protecting your information. Data is encrypted with a 256-bit AES encryption key and the PBKDF2 standard. Amazon AWS infrastructure is used for hosting and providing the greatest cloud security.
We don't like:
Supported platforms: Windows, macOS, Linux, Android, iOS, Google Chrome, Mozilla Firefox, Opera, Microsoft Edge, Safari, Vivaldi, Brave, Tor Browser, command line, web access.
Pricing: personal use — free for 2 people, $1/mo for families of up to 5 people; business use — $5/mo for teams of up to 5 users, $3/mo per user for enterprises.
Bitwarden Password Manager will help you create and store secure passwords — you don’t have to remember them. Use different randomly generated passwords for each account you create. Secure cloud synchronization features allow you to access your data from anywhere and from any device. Your storage is conveniently optimized for use on desktops, tablets, and smartphones.
Access Bitwarden with Windows, macOS, and Linux applications, as well as mobile apps for your smartphone or tablet. Integrate Bitwarden into your favorite browser and use browser extensions to use your password database easily. You can also access your Bitwarden storage from any device using the online version of the service.
All your data is fully encrypted before it leaves your device, and only you have access to it. Your information is securely encrypted with AES-256 end-to-end encryption, robust hashing, and PBKDF2 SHA-256 algorithm.
Features of the free version
- All basic functions are available.
- Versions for all platforms.
- Device synchronization.
- An unlimited number of entries.
- Storage of logins, notes, credit cards, and identification data.
- Two-stage authentication (2FA).
- Secure password generator.
Features of a paid version
- 1 GB of encrypted storage.
- Two-factor authorization with YubiKey, FIDO U2F, and Duo.
- Password security and storage status reports.
- Storing the TOTP Authenticator keys and generating the code.
- Priority customer support.
We don't like:
How to choose a password manager
As there are dozens of different password managers available in the market, for an average user, the right solution can be quite complicated. What are the key moments you should consider choosing the most appropriate one?
- Security. To keep your passwords reliably protected, a good password manager will use modern multi-level protection using powerful encryption and security protocols. Most modern platforms are protected enough not to break your database.
- Multi-factor authentication. While all the data is protected with one master password, it is much more secure do use the additional security measure. Consider whether the service can send a verification message, Use Google or Microsoft authenticator or allows to access the database via fingerprint or face recognition.
- Password generator. It’s not that easy to create a unique and strong combination. The password generator will create the best one and unique for each website and application.
- Synchronization. To be able to access the password on multiple devices, they must synchronize. However, many platforms do not have all the synchronization in a free plan — in that case, you will have to get a premium subscription.
- Browser extension. This feature will help you to automatically fill in the forms on the websites or save other information in a few clicks.
- Passwords for apps. If you plan to use the password manager in many applications, consider the one with the respective option.
Desktop vs. Cloud vs. Extensions
First of all, you should understand how password managers store your data. They can store the data in the cloud or locally, on the user’s computer. Each of the ways has its pros and cons. The important thing here is the convenience or maximum protection of your data.
Cloud storage with the synchronization between devices is convenient in that passwords, and other sensitive data are available on all devices where they are needed. But if the cloud is hacked, the passwords may be lost.
Local storage is more secure (unless your computer or laptop is stolen), but less convenient. Let’s say you created a password for your Facebook page using the password manager and saved the information on your PC. But if you open Facebook on your smartphone, then the new password is not automatically entered, and you have to type it manually. Okay, if it’s all about one service. And if we talk about dozens of accounts on different sites, then this scheme becomes too inconvenient.
Another possible way to use the password manager is the browser extension. In many cases, it will work with the standalone application, but some services are available only via the extension. It is okay if you mostly use it with the browser. But you will not be able to access your passwords in other applications.
Let’s look closer at each type of password manager.
Desktop Password Managers
The desktop version is the application that works exclusively on one computer and cannot synchronize the data between devices. It is a suitable solution for those who are experienced users, and the app may require complex configuration. However, the developers provide all the necessary instructions on installation and maintaining as well as the technical support.
- You have complete control over the decision. No one has access to your password manager.
- You are independent of third-party services.
- The desktop solution gives you reliability, maximum flexibility, and 100% independence.
- You are the only one responsible for the reliability and security of your passwords.
- In most cases, you will require the complex initial setup and configuration.
The most known product is KeePass. This is the Windows solution and saves all the data on your PC local drive.
Cloud Password Managers
This is the most popular type of password managers. 6 of 7 services we are viewed in this article are cloud services. They have a lot of benefits compared to other types:
- You are able to use it on almost any platform and operating system: desktop computers, mobile devices, and all the popular browsers.
- All the passwords can be synchronized between any devices — you will not have to enter anything manually.
- You can also save the backup and share it with someone you trust.
- Most services provide a lot of additional options like files, bank card numbers or personal documents protection.
- You are able to access the data from any device. Even if you lose your PC or smartphone, you can easily connect to another one.
At the same time, there are some cons:
- You must connect to the Internet to make the synchronization work — it is not available offline.
- You are dependent on the service — if it lags, you lose access to your data.
Password Manager Extensions
When you first enter your password on a website, the browser asks you whether you want to save it or not. If you agree, then you will not have to re-enter your password and login again when you enter the same site. Most available services provide the extensions for most popular browsers like Google Chrome, Mozilla Firefox or Opera by default.
We don't like:
A password manager is a great solution for those who do not trust the built-in browser options but want to keep them safe and access on any device. For most users, are clouds solutions are the best choice. They are available on multiple devices, so you can easily save logins, passwords, and other sensitive data on your computer, smartphone, or tablet.
At the same time, if you do not trust third party solutions, use autonomous applications like KeePass. They store the database on your local drive and no one can access it besides physical access to your device.
In any case, do not avoid using the password managers. They provide much better protection for all your sensitive data. They are affordable in pricing, and many services are available for free.