In a hurry? The best password manager of 2021 is Dashlane
Dashlane is an advanced password manager with all the functionality you would expect from a market-leading brand: a free VPN, a one-click password importer and changer, dark web monitoring and encrypted cloud storage.View Deal
A great password manager can be a game-changer, especially in this new year. This is particularly true during this pandemic where millions are being forced to work for home, and it explains why so many of us have been looking for "password managers", as a search term, in recent times.
Most of us have scores of online accounts, and it's all too easy to fall into the habit of reusing the same password for multiple sites. It might be convenient, but it also leaves us in real danger; if just one of those sites is compromised, all your accounts will be at risk.
We evaluated dozens of password managers but ended up testing only a handful of them, which we trusted. Choosing the best one is an important decision, so we've put all the best options to the test, and picked out the ones that we'd trust to secure our own account details. Many of the password managers here offer both free and paid accounts, so you can pick one that suits your needs, and your wallet.
A good password manager will not only save you the effort of remembering dozens of different logins for all your online accounts, it will also help keep them secure by generating strong passwords that are impossible to guess, and storing them all safely in an encrypted vault.
Bear in mind that this buying guide focuses primarily on individual/consumer offerings. Check out our best business password manager buying guide for business and enterprise grade password management platforms. We've also featured the best password generators and best password recovery software around.
For a limited time, enjoy half off Dashlane Premium. Use the code CYBER20 at checkout, and join the millions using Dashlane to store and autofill their passwords.
Dashlane is a capable password manager for a single device, capable of storing logins for up to 50 accounts in a secure vault with multi-factor authentication, Like LastPass, it can do much more than just fill in passwords for you; it can also store all kinds of information and fill out forms with delivery addresses and contact details automatically.
So far so good, but Dashlane's premium service is even more impressive. Not only does it let you synchronize all your passwords across all your devices (both desktop and mobile), it also monitors the dark web for data breaches and sends you personalized alerts if any of your stored details appear in a batch of stolen data.
There's secure file storage too (ideal for scanned ID documents, insurance policies and receipts) and even a VPN for browsing the web more securely via Wi-Fi hotspots.
Unsurprisingly, all of this comes at a price, and Dashlane's premium plan is one of the most expensive options around, but the extra services (plus remote account access and priority support) do justify the cost. Note that Dashlane also has added new business features to its offering as of October 27.
NordPass offers a very capable password manager with browser plugins for Chrome, Firefox, Edge, and Opera, as well as desktop apps for Windows, macOS, and Linux, plus iOs and Android mobile devices.
As well as storing encrypted passwords, NordPass can also suggest strong passwords as well as offer to safely and securely store credit card and banking details for faster checkouts on ecommerce websites.
With the premium edition, you can then sync this information across up to 6 devices per licence. The free version only allows one, but you get to try out other premium features for a week.
Another positive is that there is no limitation to the number of passwords you can save, unlike some others that have restrictions. However, one restriction here is that NordPass won't autofill forms (automatically providing common details such as your name, address and email), like some other password managers offer.
Overall, though, NordPass is a highly capable password manager that does a little more than would be expected, and the further good news is that the missing autofill feature is apparently in development for a future release.
RoboForm is another versatile password manager, with plugins for all the major browsers and mobile apps for both iOS and Android.
The free version is superb, providing you with a secure vault for your logins (though you also have the option of only storing your data on your device if you prefer), an auditing tool to help you identify weak or duplicated passwords, and a password generator for replacing them with strong, unguessable combinations of numbers, letters and special characters.
Unlike LastPass, the free version of RoboForm doesn't sync your passwords across multiple devices. For that you'll need a premium subscription, but prices are very reasonable. You'll also get a host of other useful features, including the ability to share logins securely, multi-factor authentication, and priority 24/7 support.
1Password is a password manager that aims to deliver protection not just for individuals or organizations, but also provides a shared password protection system for families.
There are two main service provisions, with one being for individuals and their families, allowing either a single user or a family of up to five people to use the 1Password service for protected logins. There's also a business service that offers protection for those working from home, as well as teams and enterprises in general.
As well as providing all of the above, 1Password protects you from breaches and other threats, such as keyloggers and phishing attempts, and will only work in verified browsers.
The result is a very secure and competent password manager that covers both personal use as well as corporate use, including working from home, without compromising your security.
LastPass is easy to use, super-secure, packed with features, and offers both free and premium tiers so you can choose the option that suits you best.
All data is stored using AES-256 bit encryption with PBKDF2 SHA-256 and salted hashes to keep it secure - and this isn't limited to passwords either. You can also store credit card details and delivery addresses so they can be entered automatically when you're shopping online, plus encrypted notes, details of insurance policies and much more besides.
The free version of LastPass is superb, but premium accounts are very reasonably priced and offer an extremely useful extra feature: the ability to log into apps on your phone. Very few password managers offer this, and it could prove invaluable if you ever lose your phone, preventing people from accessing your emails and social media.
One of our favorite LastPass features is its support for multi-factor authentication, which helps protect you from phishing attempts by requiring an additional form of authorization to log into your accounts, such as a code generated by a mobile app or a fingerprint scan. Although it's becoming more widespread, not all sites and services offer this yet, so having all your logins secured in a vault that's protected this way is a real boon.
There's no free version of Keeper Password Manager, but you can try it for 30 days before deciding whether to commit to a subscription.
As you'd expect from a purely premium product, Keeper is one of the most sophisticated password managers around. Not only does it offer plugins for every major browser, plus mobile apps for iOS and Android, it's also available as a desktop app for Windows, macOS and Linux. There's support for biometric authentication on mobile devices too, and syncs your data across an unlimited number of devices.
Like the paid-for version of Dashlane, Keeper will warn you if any of your passwords appear in a data breach. It will also alert you if any of your passwords are particularly weak, or have been re-used, and help you create strong replacements.
There's an excellent family plan as well. This not only protects the login details of everyone in your household, it also lets you share files securely between one another and offers an encrypted messaging tool that's a solid alternative to WhatsApp if you'd prefer to avoid Facebook products.
Bitwarden is open source software that is user-friendly and highly secure, and includes almost everything individuals, teams, and businesses require in a password manager.
Bitwarden’s basic plans focus on the meat of password management, but even the free plans include multi-device sync, optional self-hosting, and unlimited online storage. Premium plans include reports on your passwords that highlight things like weak passwords and unsecured websites.
The pad-for plans include features for managing the passwords of a larger workforce, with password sharing, fine-grained access control, user groups, two-step login, and multi-factor authentication.
Bitwarden is not just one of the best free password managers available, it’s so usable and feature-packed it could put some paid password managers out of business.
LogMeOnce is a password management solution that offers cross-platform support, so it doesn't matter what device you use, whether desktop or mobile, your passwords and logins are still accessible as required.
Unusually, LogMeOnce gets rid of the need for a master password by putting in place additional security settings, so that you can't get locked out of your account simply by forgetting your master password.
It's also a service that offers additional security features, which includes the ability to encrypt and store your logins online to help with accessibility.
However, rather than just rely on passwords, LogMeOnce also offers biometric options, such as a selfie, fingerprint, face ID, as well as a PIN or password. The increased number of options means you can apply different levels of security to different logins.
As with other password managers, LogMeOnce is built to provide Single Sign On functionality, so once you're logged in with a service you shouldn't expect to need to keep signing into the self-same service.
mSecure covers all the essentials you need from a password manager. There's no limit on how many entries you can keep and the built-in categories enable you to store much more than passwords. All entries support custom fields and you can also separate entries into groups in lieu of simple tags.
The password generator included in mSecure works well, but it wasn’t our favorite. There's no option to force it to produce human-readable words. As a result, every password is a truly random string that’s hard to type if you don’t have auto-fill enabled. Notably, you also can’t access the password generator without creating a new record in mSecure.
mSecure is a quality password manager for individuals, with customizable templates and syncing across devices. It's also an affordable password manager that’s capable enough for most individual users. The only major thing missing is secure password sharing for families and teams.
If you need to share passwords between members of a team, Zoho Vault offers the granular control necessary. Zoho Vault’s user management, permissions, and password policy features set it apart from personal password managers and you can make batch changes to passwords with ease.
Zoho Vault can integrate with third-party enterprise apps like Gmail, Dropbox, Microsoft Active Directory, and Microsoft 365. Enterprise users can use Single Sign On (SSO) with cloud apps like Salesforce and Slack, and as Zoho Vault has an API, it’s possible to integrate it with any of your own apps.
Zoho Vault has excellent security, fine control over users and passwords, and superb third-party integrations. It’s also inexpensive, and customer support is one of the best we’ve seen in a password manager service.
We don’t particularly recommend it for personal use as most of the features are geared towards teams, making the interface somewhat complex, but it’s an outstanding password manager for organizations and corporates.
Free vs paid password manager: Pros and Cons
Dr. Sid Potbhare, CEO at Untethered Labs, tells us more about the advantages and disadvantages of free and paid password managers especially with regards to businesses and enterprises.
Password managers are fast becoming the tool of choice to manage our every increasing number of passwords. Password managers are most used to simply store passwords in a “vault” for access using a “master password” - so basically one password to rule them all. However, there are several advanced features that paid password managers provide that can further enhance their usability and effectiveness in keeping your passwords secure.
Free password managers
Once the user is logged in to the password vault, all the save passwords are available to the user to auto-fill or copy and paste, avoiding having to memorize and constantly retype these passwords. These passwords may be saved in the browser itself, and you can get access to them whenever you log on to the computer.
Another feature common across all free password managers is that they automatically fill in username, password, and/or OTP on the websites you visit. This auto-fill makes it easier to quickly login to websites without typing usernames and passwords. This way, you can create strong and complex passwords on every website for high security, but conveniently login without typing them. Hopefully the password manager also has password auto-capture. This is when a new password is created on a website, the password manager notices and prompts the user to save the new password for future auto-fill.
Other nice-to-have features typically include the ability to generate random and complex passwords, ability to detect anomalies in the attempted login, ability to use other mechanisms instead of a master password including physical tokens and biometric features. Of course, there are limitations to free password managers that may not meet everyone’s needs. For example, some password managers limit free users by the number of passwords they can save - this can be an unacceptable factor for many.
Paid password managers
As an individual user, paying for a password manager may not get you too many relevant extra features. However, as an enterprise organization, there are significantly more options for password managers.
For starters, deployment of a password manager for your organization is simplified. You can set complexity requirements of the master password for all employees, so that they do not end up setting up simple passwords to protect their credentials.
One of the key advantages of a paid password manager is that you and your employees can securely share passwords with each other. This is a huge advantage when you want to set up complex passwords for critical systems and web applications, and you want to provide access to it to your employees. Sharing passwords through the password manager makes it easy for a central authority to create, change and even remove the password for all users at once. Also, it reduces the tendency for users to resort to writing passwords on paper because the passwords are now too complex to write anyway. Then providing a more convenient mechanism to share anyway gives users an easier out. Sharing passwords is a significant risk point for password security and overall cyber security posture in general.
Many paid password managers also offer the ability to synchronize the password vault across multiple devices. This is useful when employees are using multiple devices (computers, laptops, phones, etc.) to access accounts through passwords.
Some paid password managers can also be implemented on the organization’s servers, instead of relying on the vendor’s servers. This allows the passwords to not only be stored securely on an organization’s own databases, but also reduces the risk of exposure in case the password manager vendor’s vault is compromised.
Consumers may be able to get away with using a free password manager, but for enterprise organizations, it makes sense to invest in the right password manager because the benefits from the gains in productivity alone simply outweigh the costs.
Should you store your passwords in your browser?
We asked Kevin Mitnick (yes, THAT Kevin Mitnick), Chief Hacking Officer at KnowBe4 whether storing our passwords in your default browser is a good idea. And here's his answer...
Storing your password in a browser is one method to track your passwords, but there are more secure methods such as using a password manager. Using a central tool to track your credentials provides different security levels not offered by browsers. Having a master password is one main reason.
Browsers store the login information, the credentials within its application, and are readily available to be used when the user visits a website. However, so can cybercriminals or anyone who gains access to your computer, either physically or remotely.
By using a password vault, everything is synced in one location and across multiple browsers. Password vault developers have no access to your vault data, as the user is the only one with the decryption key.
The password vault developers encrypt the vaults if and when they store it in the developer's cloud servers. You, as the user, are the only person with the decryption key. In this case, it's your strong password that secures the password vault and is unlocked when you type in the password to access all of the credentials.
Using multiple browsers like Chrome, Firefox, or Edge presents a challenge to access passwords across various platforms. While the browsers can generate passwords, the security of all your passwords and sensitive information is crucial. Unfortunately, the browsers do not provide any multi-factor authentication when accessing the password vault for the first time when using another computer.
Another misconception is that people try to keep their credentials safe by keeping them in a spreadsheet or document and saving it with a password, but this is by-passable as there are many tools available online that can be downloaded and used to crack the password.
- Take a look at our full guide to the best antivirus software