Password Managers, which is the best?
It's a good question, and with an ever-increasing selection, it's easy to be confused.
In this article we've reduced it down to five of the leading choices and will be explaining all of their pros and cons to help you choose.
With hacking attacks threatening pretty much every website out there, it is more important than ever to have a unique password for each of your accounts.
However, with all of us having dozens of accounts, remembering them all is impossible.
This is why you must use a good password manager.
What are Password Managers?
Password managers are apps that allow you to store your online credentials and easily retrieve them at any time.
This usually means your username and password, but some will even store other details like your address for quick form filling.
You don't have to remember them yourself, and the only password you do have to remember is that of the manager itself.
They'll also generate you incredibly secure passwords automatically, so you don't even need to give it a second thought.
Best Password Managers
Our leading choices of password managers are:
Let's find out some of their most useful features and what sets them apart.
LastPass is pretty much the industry standard when it comes to password managers.
It allows you to store not only your passwords but also credit card details and other sensitive information.
It will also let you generate new, strong, unique passwords that no human mind can ever randomly guess.
You can even add notes and comments on various websites.
Next, you can easily update your passwords, use the autofill feature, and categorise them. This is useful so you can find them easier should you need to search through them.
It also stands out thanks to its top security, which makes it the best one out there.
You can use it on any device that can run a browser, but it also has dedicated apps for Windows and Mac plus mobile apps for iOS, and Android. Best of all, it is free, although the premium version is cheap and offers many additional features.
Next, we have DashLane, which is another very well-known name in the password manager industry.
Just like LastPass, it also has a free and premium version, and it will let you quickly store, secure, and access any password you wish.
It is available on Windows, Mac, Android, iOS, and Linux. It also features a password generator, autofill, and it lets you store secure notes and documents within.
Finally, DashLane will also monitor the dark web and try to discover whether any of the passwords you stored have appeared somewhere. This could be due to security breaches or data thefts from third parties.
1Password is a powerful password manager, often considered second only to LastPass.
It will remember all of the passwords for you, and let you log into websites with a single click. It is user-friendly, with a modern design, and you can try it out for free.
You can use it to achieve peace of mind for you and your family.
The service supports a couple of different methods of 2FA making your account even more secure. Everything from an authenticator app to hardware devices like the YubiKey and others are supported.
Additional features such as ‘travel mode' that allows you to specify certain vaults safe for travel provide bonus layers of protection.
Like the above choices, it supports most major device types keeping your mobile device and desktop secure but commonly you can access it via their browser extensions.
Then, we have KeePassXC, which is the best choice for advanced users.
It allows self-hosting, which is its key feature, and a significant benefit provided that you know how to handle it. You are responsible for the security of your files.
This also puts a strain on beginners, so if you're not tech-savvy, this probably isn't the solution for you.
If you know what you are doing, then this is an excellent option for you. It features robust encryption, it is open-source, and it works across numerous platforms, all of which make it highly-efficient and useful for safely storing your passwords.
5. Password Boss
Finally, we have Password Boss, which uses cloud based storage and has attracted many users thanks to its free version.
They have apps for all major devices, however, it's not for Linux users, as its one of the only systems they don't officially support.
The service does, however, comes with several benefits. These include ‘bank-grade' security, and a free version for single gadgets.
You can use it to edit text, images, pages, and more. It can automatically fill forms and be used for securely sharing passwords and personal data with others.
How to choose a Password Manager
Your choice will probably come down to LastPass, DashLane or 1Password.
Based on features and usability, LastPass is our top pick, and it's not just us who rate it.
Tech website, Wired picked 1Password as their favourite with DashLane a close runner up.
Ultimately there is very little between the three. All three have free trials, all allow upgrading for extra features and all have apps for most major devices.
How we rated Password Managers
There are a number of different criteria we have used to identify the best password managers of 2020:
Encryption – We assessed how secure each password manager was by examining the encryption levels they used with 256-bit AES encryption the minimum standard we were looking for.
We also took extra security measures like two-factor authentication and zero-knowledge protocols into consideration too.
Strong password protections – When you choose a password manager you are trusting them to protect all your online accounts, so it is important they store your data on secure servers and that when it is transmitted back to your devices it is also secure.
We also looked into whether our recommended password managers had been subjected to a third-party security audit.
Unlimited password storage – We all have hundreds of online accounts these days so users need a password manager with unlimited storage available to handle all these passwords.
Usability – The best password managers are ones that are simple to use and blend seamlessly into your online experience.
We tested each one out thoroughly to determine which offered the most user-friendly all-round experience for both techies and those getting a password manager for the first time.
Features – Advanced features are key to differentiating between password managers so we took the time to consider things like file storage, automatic form filling, secure password sharing, provision of secure browsers, and so on.
Unlimited devices and syncing – Everyone accesses the internet on multiple devices these days, so their password manager needs to work on all devices and sync easily between different devices too.
Prices – The best password managers are able to offer a user-friendly service and a great range of features at an affordable price.
We know price is a factor in most people’s thinking which is why we have built value for money into our thinking.
Customer Service – Everyone needs a little help from time to time, so we looked at the customer service provisions of all our password managers to determine how helpful, responsive, and customer-friendly they were.
Never save password data in your browser
Saving passwords in web browsers is not the best idea even though it seems convenient.
The biggest problem with this is that anyone using the browser can access them. This means that your passwords are free for the taking for anyone.
Browsers are also not 100% safe in terms of security. They can be infected during hacking attacks or visiting a suspicious website could lead to your details being exposed.
Just think – if a hacker ever takes control of your device, they will have access to your passwords. Not to mention what might happen if your device is lost or stolen.
Are there any free password managers?
Of course, many of them are free.
Some of them are free and open-source, while others have free trials but you need to upgrade to unlock premium features.
LastPass, for example, has a limited free version, and for some, this may be enough but with low prices, it's worth considering an upgrade.
However, some free versions only let you store a limited number of passwords, which does not make them very useful.
LastPass' premium features include things that you won't find in the free version.
Premium features include one-to-many sharing, emergency access, priority tech support, advanced multi-factor options, support for apps, 1GB-large encrypted file storage, and more.
Besides, they are not that expensive, and you can get it for around $3 per month, which is not going to break the bank.
Is using a password manager safe?
Safety depends on your choice of a password manager.
Most of them are, as they use strong what is often called ‘military' and ‘bank' level encryption, which are impossible to crack.
These terms are mostly advertising words, but the theory behind them is sound.
Open-source password managers have their code free for anyone to inspect. So if you see them making certain claims regarding the quality of their security, you can be sure that someone knowledgeable has checked, and confirmed that they speak the truth.
With all that said, there have been security breaches in the past. Just this year experts warned against some password manager exploits.
No solution is perfect, and even password managers are vulnerable.
However, it's much safer to store many random passwords with a password manager than continue to use the same old, weak password across all your accounts.
Surely password managers can't be all good?
Naturally, while there are many reasons why you should use password managers, there are always arguments against.
Here are a few of them:
- They might be compromised in a security breach, in which case all your passwords could be stolen.
- You might not use the same platform across all of your devices, and finding a manager that works on all platforms could be challenging.
- Using password managers means having to trust third parties.
- Losing your master password could lead to a lengthy headache to recover everything.
- If the service goes down, you won't be able to log into websites if you don't remember your passwords. (Yes, this happened to me with LastPass for 4 hours!).
Can't I just write down my passwords?
Of course, you can.
The question is: is it a good idea?
Writing things down on a piece of paper and then hiding it somewhere secure is undoubtedly one of the safest things to do.
However, you better make sure that you protect that information as best as humanly possible.
If someone finds it – a family member, friend, or an intruder – they could have access to your accounts.
And, what about accessing your accounts when you are away from home?
You would have to carry the paper around. What if you lose it? It could get stolen or damaged.
Not to mention that using long, complicated passwords are difficult to type correctly, especially when using phones or devices without full keyboards.
Password managers can autofill the fields for you, and you would be logged in within a second.
Advanced Password-Management Features
The majority of password managers offer the same basic features so a lot of users will look at the advanced features to differentiate between them.
One that a lot of users look for is the ability to manage passwords to be used directly in apps rather than just on websites in browsers.
Many of us access online accounts through dedicated apps and if your password manager can’t help with these, it can be a little frustrating having to either remember yourself or copy-paste from their dashboard.
Some password managers also provide users with a secure browser. This is designed to help you stay safe when accessing sensitive accounts like online banking.
Some will even open this browser automatically for you when seeking to log into these accounts.
From a security point of view, the ability to automatically update your password is a really helpful feature too as it means you are keeping up with expert advice on changing passwords regularly without actually having to do anything yourself.
Most password managers will let you sync passwords across multiple devices. A few will offer you the ability to share passwords with other users securely.
Some can even do this without actually revealing your password.
It is usually not advisable to share your passwords with anyone but everyone has the odd occasion where this is necessary so it is always useful to be able to do it securely when necessary.
Are all Password managers the same?
When you start to look into password managers you will quickly notice that a lot of different products offer similar features such as saving passwords securely, generating new secure passwords, device syncing, two factor authentication, and automatic form filling.
This can make it hard to tell one password manager from another and the assumption can quickly arise that they are all the same.
Nothing could be further from the truth though and, as with so many things, the devil is in the detail.
There are a number of ways in which password managers that appear to be the same are in fact very different.
Different password managers can offer different levels of encryption, while all claiming to encrypt your data.
256-bit AES encryption is the minimum level of encryption you should look for, but there are password managers out there that still have weaker encryption.
Different password managers can offer two-factor authentication but some can be much more robust in their security provisions than others.
All password managers will claim to be good value for money, but a closer look at the actual monthly price, what is included for the money, and any special deals can result in big differences being spotted.
The main differences will be found in advanced features.
Here you can often find big differences between providers. But even when both offer the same thing, such as automatic form filling, it is worth looking into how this feature works in practice, as there are likely to be differences.
What are the most common passwords?
Common passwords have been a topic of many studies. People tend to use passwords that are easy for them to remember.
However, this is dangerous, as they are also easy for hackers to guess.
In fact, in a 2019 study by the UK's National Cyber Security Centre, it found that the most common passwords were wholly inadequate.
Here are some of the most common passwords that people tend to use:
- Names (Ashley, Michael, Daniel, Jessica, Charlie)
As you can see, some of these are pretty bad, and hackers might even guess them on their first try.
Such passwords are not a proper way to secure your account, so if you tend to use passwords like these – change them immediately, then get yourself a password manager.
It's also worth checking out HaveIBeenPwned.com which will tell you if any of your accounts have turned up in website security breaches.
What type of password would be considered secure?
Passwords that you should use should be long and complicated. They should include special characters, lower and upper-case letters and numbers.
You may come up with a sentence and use the first letter of each word, which is easy to remember and stay safe and seemingly random.
Here are a few examples of safe passwords:
- [email protected]
Although a password manager will do an even better job and give you the likes of:
Notice the difference?
Even though our own generated passwords are considered to be quite strong and are unlikely ever to be randomly guessed the ones created by a password manager are twice as secure.
Without a password manager, you must remember them, but try remembering more than 5 of them, and you will see why password managers are necessary.
Make your Password Manager even more secure
There is another thing you can do to make your devices and accounts secure, which is to combine password managers with a hardware device.
Devices like YubiKey can be used to authenticate yourself (login) with your password manager. Plus add an extra layer of authentication known as 2FA (2 Factor Authentication).
That way, you won't have to remember a master password, nor allow someone else the opportunity to guess it or find it on a piece of paper.
You would be the only one who can access it with your hardware key.
All of the best password managers allow different types of authentication options and most support hardware devices such as the YubiKey.
Password Managers Infographic
Using password managers is extremely easy, and more than necessary these days.
With so many websites, we tend to have dozens of accounts, and if you are doing things properly – each of them has its own password.
But, remembering them all is impossible, and the likelihood is you use one or two passwords or a combination of the same password across all websites.
Don't be too hard on yourself, it's human nature, and you certainly won't be alone.
However, if you're looking to stay extra secure, then using LastPass or one of the other recommended apps in this guide will keep your passwords safe.
- Top Secure Email Services
- 21 Best VPN services to enhance your Privacy
- Leading Google alternatives to search privately
Illustration © Sujeet Kumar | Dreamstime.com