Password Managers, which is the best?
It's a good question, and with an ever-increasing selection, it's easy to be confused.
In this article we've reduced it down to five of the leading password manager tools and will be explaining their pros and cons to help you choose.
With hacking attacks threatening pretty much every website out there, it is more important than ever to have a unique password for each of your accounts.
However, with most of us having dozens of accounts, remembering every one is impossible.
This is why everyone should be using a good password manager. We have taken a look at the best including those with iOS, Android, Windows, and macOS apps.
What are Password Managers?
A Password Manager is an apps that allow you to store your online credentials and data and easily retrieve them at any time.
This usually means your username and password, but some password manager tools will even store other details like your address for quick form filling.
You don't have to remember them yourself. You just have to remember is the master password. That one master password lets you access the password manager and data and all your other passwords are securely stored there.
A good quality password manager will also generate you incredibly secure passwords automatically, so you don't even need to give it a second thought.
Top 5 Password Managers
Our top best password manager picks are:
Let's analyse each of these password manager providers individually to see what features they offer and what sets them apart from the rest of the field. If you want to find out more about any, just click on the links in this guide.
LastPass is pretty much the industry standard when it comes to password managers and is the best password manager around as far as we are concerned.
It allows you to store not only your passwords but also credit card details and other sensitive data. It will also let you generate new, strong, unique passwords that no human mind can ever randomly guess. You can even add notes and comments on various websites.
Next, you can easily update your passwords, use the autofill feature, and categorise them. This is useful so you can find them easier should you need to search through them.
It also stands out thanks to its top security, which makes it the best one out there. This includes two factor authentication, multi-factor authentication, and secure password sharing which is highly recommended.
You can use it on any device that can run a browser, but it also has dedicated apps for Windows, macOS, plus mobile apps for iOS, and Android. You can add it to web browser extensions such as Chrome, Firefox, and more too (not Internet Explorer anymore sadly). The user interface on these apps is friendly and well-designed.
Even better, it has a free tier available. A free password manager might sound worrying so it is great to know that LastPass is not only a really good password manager that you can trust, it is also the best free password manager too.
If that sounds too good to be true, we should add that there are paid password managers tiers too and you will need these to access the features and to use the same LastPass account across multiple devices. But the free tier still does the basics well and is certainly better than nothing.
Overall, there is no question that LastPass is the best password manager on the market right now.
Next, we have DashLane, which is another very well-known name in the password manager industry.
Just like LastPass, it also has a free and premium version, and it will let you quickly store, secure, and access any password you wish.
You can use DashLane on a range of different platforms through desktop apps for Windows, MacOS, and Linux with mobile apps for Android, iOS, and also web browser plugins for Chrome, Firefox, and more. All offer a user-friendly and well designed user-interface.
There is a password generator, autofill, and it lets you store secure notes and documents within.
Finally, DashLane does dark web monitoring to try to discover whether any of the passwords you stored have appeared on a dodgy site somewhere. This could be due to security lapses or data thefts from third parties.
1Password is a powerful password manager, often considered second only to LastPass.
1Password will remember your passwords for you, and let you log into websites with a single click. It is user-friendly, with a modern design, which means you can use 1Password to achieve peace of mind for you and your family.
The 1Password service supports a couple of different methods of 2FA making your account even more secure. Everything from an authenticator app to hardware devices like the YubiKey and others are supported.
Additional features such as ‘travel mode' that allows you to specify certain vaults safe for travel provide bonus layers of protection and some nifty keyboard shortcuts.
There are a range of desktop apps for Windows, MacOS, and more, mobile apps for iOS, Android, and other devices and browser extensions for Chrome, Firefox and more. You can use 1Password on just about any mobile device or desktop computer you like.
Even better, 1Password is another paid password manager that has chosen to include a free tier. This means all of our top three password management solution options out there are also effectively free password managers, albeit with some service limitations. But even this will still keep your data safe.
1Password even has a family plan option that allows you to keep your family members passwords secure.
Then, we have KeePassXC, which is the best choice for advanced users.
It allows self-hosting, which is its key feature, and a significant benefit provided that you know how to handle it. You are responsible for the security of your files.
This also puts a strain on beginners, so if you're not tech-savvy, this probably isn't the solution for you. But there are apps for iOS, Android, Windows, and macOS devices as well as plugins for most web browsers too.
If you know what you are doing, then this is an excellent option for you. It features robust encryption, it is open-source, and it works across numerous platforms, which make it highly-efficient and useful for safely storing your passwords.
5. Password Boss
Finally, we have Password Boss, which uses cloud based storage and has attracted many users thanks to its free version.
They have apps for all major devices including desktop apps for Windows, MacOS but not for Linux users, as its one of the only systems they don't officially support.There are also mobile apps for iOS and Android devices and browser plugins for Chrome and Firefox.
The service does, however, comes with several benefits. These include ‘bank-grade' security, dark web monitoring, and a free version for single gadgets.
You can use it to edit text, images, pages, and more. It can automatically fill forms and be used for securely sharing passwords and personal data with others.
How to choose a Password Manager
Your choice will probably come down to LastPass, DashLane or 1Password.
Based on features and usability, LastPass is our top pick, and it's not just us who rate it.
Tech website, Wired picked 1Password as their favourite with DashLane a close runner up.
Ultimately there is very little between the three. All three have free trials, all allow upgrading for extra features and all have apps for most major desktop and mobile devices including Android and iOS devices.
Ultimately, you won't go far wrong with any of these password managers. We would recommend that you opt for their paid password managers packages as these offer the best range of features and levels of security. But the free tiers are still much better than nothing.
How we rated Password Managers
There are a number of different criteria we have used to identify the best password managers of 2020:
Encryption – We assessed how secure each password manager was by examining the encryption levels they used with 256-bit AES encryption the minimum standard we were looking for.
We also took extra security features like two-factor authentication, multi-factor authentication, open source software, secure password sharing, and zero-knowledge protocols into consideration too.
Strong password protections – When you choose a password manager you are trusting them to protect all your online accounts, so it is important they store your data on secure servers and that when it is transmitted back to your devices it is also secure.
We also looked into whether our recommended password managers had been subjected to a third-party security audit and again features like two-factor authentication were considered.
Cloud storage was another factor. Lots of Password Managers like to use cloud storage but some users prefer their data to be stored on their device and there are providers that offer this.
Unlimited password storage – We all have hundreds of online accounts these days so users need a password manager with unlimited storage available to handle all these passwords.
Usability – The best password managers are ones that are simple to use and blend seamlessly into your online experience. This means great apps and browser extensions for the devices you use such as Android, iOS, Windows and macOS. We also looked for a usable password generator,
We tested each one out thoroughly to determine which offered the most user-friendly all-round experience for both techies and those getting a password manager for the first time.
Features – Advanced features are key to differentiating between password managers so we took the time to consider things like file storage, automatic form filling, secure password sharing, provision of secure browsers, and so on.
Unlimited devices and syncing – Everyone accesses the internet on multiple devices these days, so their password manager needs to work on all devices and sync easily between different devices too.
Prices – The best password managers are able to offer a user-friendly service and a great range of features at an affordable price.
We know price is a factor in most people’s thinking which is why we have built value for money and things like a family plan into our thinking.
Customer Support – Everyone needs a little help from time to time, so we looked at the customer service provisions of all our password managers to determine how helpful, responsive, and customer-friendly they were.
Never save password data in your browser
Saving passwords in web browsers is not the best idea even though it seems convenient.
The biggest problem with this is that anyone using the browser can access them. This means that your passwords are free for the taking for anyone.
Browsers are also not 100% safe in terms of security. They can be infected during hacking attacks or visiting a suspicious website could lead to your details being exposed.
Just think – if a hacker ever takes control of your device, they will have access to your passwords. Not to mention what might happen if your device is lost or stolen.
Are there any free password managers?
Most password managers are not completely free but many of the best password manager providers have a free version that you can use to try them out of if you are happy with some feature limitations.
Some of them are free and open-source, while others have free trials but you need to upgrade to unlock premium features.
LastPass, for example, has a limited free version, and for some, this may be enough but with low prices, it's worth considering an upgrade.
However, some free versions only let you store a limited number of passwords, which does not make them very useful.
LastPass' premium features include things that you won't find in the free version.
Premium features include one-to-many sharing, emergency access, priority tech support, advanced multi-factor options, support for apps, 1GB-large encrypted file storage, and more.
Besides, they are not that expensive, and you can get it for around $3 per month, which is not going to break the bank.
Is using a password manager safe?
Safety depends on your choice of a password manager.
Most of them are, as they use strong what is often called ‘military' and ‘bank' level encryption, which are impossible to crack.
These terms are mostly advertising words, but the theory behind them is sound.
Open-source password managers have their code free for anyone to inspect. So if you see them making certain claims regarding the quality of their security, you can be sure that someone knowledgeable has checked, and confirmed that they speak the truth.
With all that said, there have been security breaches in the past. Just this year experts warned against some password manager exploits.
No solution is perfect, and even the best password management tools can be vulnerable.
However, it's much safer to store many random passwords with a password manager than continue to use the same old, weak password across all your accounts.
Surely password managers can't be all good?
Naturally, while there are many reasons why you should use password managers, there are always arguments against.
Here are a few of them:
- They might be compromised in a security breach, in which case all your passwords could be stolen.
- You might not use the same platform across all of your devices, and finding a manager that works on all platforms could be challenging.
- Using password managers means having to trust third parties.
- Losing your master password could lead to a lengthy headache to recover everything.
- If the service goes down, you won't be able to log into websites if you don't remember your passwords. (Yes, this happened to me with LastPass for 4 hours!).
Can't I just write down my passwords?
Of course, you can.
The question is: is it a good idea?
Writing things down on a piece of paper and then hiding it somewhere secure is undoubtedly one of the safest things to do.
However, you better make sure that you protect those login credentials as best as humanly possible.
If someone finds it – a family member, friend, or an intruder – they could have access to your accounts, personal data, and even credit card information. With all this data lost, you could become the victim of identity theft or worse.
And, what about accessing your accounts and personal data when you are away from home?
You would have to carry the paper around. What if you lose it? It could get stolen or damaged.
Not to mention that using long, complicated passwords are difficult to type correctly, especially when using phones or devices without full keyboards.
Password managers can autofill the fields for you, and you would be logged in within a second.
Advanced Password-Management Features
The majority of password management tools offer the same basic features so a lot of users will look at the advanced features to differentiate between them.
One that a lot of users look for is the ability to manage passwords to be used directly in apps rather than just on websites in browsers.
Many of us access online accounts through dedicated apps and if your password manager can’t help with these, it can be a little frustrating having to either remember yourself or copy-paste from their dashboard.
Some password managers also provide users with a secure browser. This is designed to help you stay safe when accessing sensitive accounts like online banking.
Some will even open this browser automatically for you when seeking to log into these accounts.
From a security point of view, the ability to automatically update your password is a really helpful feature too as it means you are keeping up with expert advice on changing passwords regularly without actually having to do anything yourself.
Most password managers will let you sync passwords across multiple devices. A few will offer you the ability to share passwords with other users securely.
Some can even do this without actually revealing your password.
It is usually not advisable to share your passwords with anyone but everyone has the odd occasion where this is necessary so it is always useful to be able to do it securely when necessary.
Are all Password managers the same?
When you start to look into password managers you will quickly notice that a lot of different products offer similar features such as saving passwords securely, generating new secure passwords, device syncing, two factor authentication, and automatic form filling.
This can make it hard to tell one password manager from another and the assumption can quickly arise that they are all the same.
Nothing could be further from the truth though and, as with so many things, the devil is in the detail.
There are a number of ways in which password managers that appear to be the same are in fact very different.
Different password managers can offer different levels of encryption, while all claiming to encrypt your data.
256-bit AES encryption is the minimum level of encryption you should look for, but there are password managers out there that still have weaker encryption.
Different password managers can offer two-factor authentication but some can be much more robust in their security provisions than others.
All password managers will claim to be good value for money, but a closer look at the actual monthly price, what is included for the money, and any special deals can result in big differences being spotted.
The main differences will be found in advanced features.
Here you can often find big differences between providers. But even when both offer the same thing, such as automatic form filling, it is worth looking into how this feature works in practice, as there are likely to be differences.
What are the most common passwords?
Common passwords have been a topic of many studies. People tend to use passwords that are easy for them to remember.
However, this is dangerous, as they are also easy for hackers to guess.
In fact, in a 2019 study by the UK's National Cyber Security Centre, it found that the most common passwords were wholly inadequate.
Here are some of the most common passwords that people tend to use:
- Names (Ashley, Michael, Daniel, Jessica, Charlie)
As you can see, some of these are pretty bad, and hackers might even guess them on their first try.
Such passwords are not a proper way to secure your account, so if you tend to use passwords like these – change them immediately, then get yourself a password manager.
It's also worth checking out HaveIBeenPwned.com which will tell you if any of your accounts have turned up in website security breaches.
What type of password would be considered secure?
Passwords that you should use should be long and complicated. They should include special characters, lower and upper-case letters and numbers.
You may come up with a sentence and use the first letter of each word, which is easy to remember and stay safe and seemingly random.
Here are a few examples of safe passwords:
- [email protected]
Although a password manager will do an even better job and give you the likes of:
Notice the difference?
Even though our own generated passwords are considered to be quite strong and are unlikely ever to be randomly guessed the ones created by a password manager are twice as secure.
Without a password manager, you must remember them, but try remembering more than 5 of them, and you will see why password managers are necessary.
Make your Password Manager even more secure
There is another thing you can do to make your devices and accounts secure, which is to combine password managers with a hardware device.
Devices like YubiKey can be used to authenticate yourself (login) with your password manager. Plus add an extra layer of authentication known as 2FA (2 Factor Authentication).
That way, you won't have to remember a master password, nor allow someone else the opportunity to guess it or find it on a piece of paper.
You would be the only one who can access it with your hardware key.
All of the best password managers allow different types of authentication options and most support hardware devices such as the YubiKey.
How safe are password managers?
How safe your password manager is depends on a number of different factors.
A key one is the level of encryption they use. Make sure it is military-grade 256-bit AES encryption at least since this is uncrackable. Open source software also helps to ensure safety too since ever line of cod can be carefully scrutinised.
Another safety factor is the master password. If you go the effort of getting a password manager set up and then use a weak master password, it might not be worth all the effort.
Consider a paid password manager if you can afford it since these will often have extra security features that you can use. And always look out for two-factor authentication to ensure your password manager cannot be compromised.
Ultimately, all of the password managers in this guide should be secure, as long as you use them properly and sensibly.
Is it worth paying for a password manager?
If you can afford to pay, our advice is yes.
A paid-for plan with any of these password managers will unlock useful security features that will help you to keep your passwords, accounts, data, and links private and secure.
Paid-for plans will let you use your password manager on all devices and no-one sticks to just one device these days if they are honest.
It is not absolutely essential but a paid-for VPN is definitely worth the money if you can afford it.
A visual guide to Password Managers
Using password managers is extremely easy, and more than necessary these days.
With so many websites, we tend to have dozens of accounts, and if you are doing things properly – each of them has its own password.
But, remembering them all is impossible, and the likelihood is you use one or two passwords or a combination of the same password across all websites.
Don't be too hard on yourself, it's human nature, and you certainly won't be alone.
However, if you're looking to stay extra secure, then using LastPass or one of the other recommended apps in this guide will keep your passwords safe.
LassPass is the best password manager on the market for our money thanks to its combination of great apps for mobile devices like iOS and Android, desktop devices like Windows, MacOS, and Linux, and browser extensions for Chrome, Firefox, and more.
It has all the essential security features you need like two factor authentication and secure password sharing, and some great family deals and individual deals that mean it is a cost-effective and secure password management solution.
- Top Secure Email Services
- 21 Best VPN services to enhance your Privacy
- Leading Google alternatives to search privately
Illustration © Sujeet Kumar | Dreamstime.com