Best Password Managers

So, what is the best password manager?  There are several ones out there that offer various features, some of which are free and others which are not.  Some password managers require you to purchase a paid subscription before you can use them at all, though that generally means they have the tech to make your money worth it.  We’ve taken these features, both free and paid, into consideration in order to come up with a list of 6 popular and trusted password managers that you may want to try.

Best free password managers

Sticky Password

(www.stickypassword.com)

Sticky Password is a popular password manager.  It includes standard password managing functions, form auto-fillers (for both log-in information and stuff like address or credit card details), a random password generator, and client-side encryption (so not even Sticky Password knows how to get at your passwords).  However, it doesn’t have any security testing features to speak of.  Also, you need a paid subscription in order to back up your passwords to “the cloud”, or share your information on Sticky Password across all of the devices that you use it on.

Dashlane

(www.dashlane.com)

Dashlane is another popular and secure password manager.  Like LastPass, it has features such as a form auto-filler, a security tester, and a random password generator.  One of its downsides when compared to LastPass is that you have to have a paid subscription in order to get a secure cloud-based backup of your passwords, or access your passwords from the Dashlane website (instead of the device on which Dashlane is installed).  However, an advantage is that your passwords are scrambled on your computer before they’re backed up on Dashlane, so nobody except you will know how to get at them.

LastPass

(www.lastpass.com)

LastPass is one of the most popular and trusted password manager services.  In addition to making it easy to store passwords and other log-in credentials as soon as you enter them into a website, LastPass has a ton of other neat features.  These include the ability to automatically fill out information forms (such as address or credit card forms), a random password generator, and a test that checks how strong your passwords and overall Internet security are.  Buying a paid subscription allows you to use LastPass on your mobile devices, and gives you priority access to customer service if you ever have a problem.

KeePass

(http://keepass.info)

KeePass is an open source password manager (which means people can look inside and see how it works), and it’s also totally free.  It allows passwords to be organized into different groups, and even imported from or exported to a spreadsheet.  It also allows for filling out information forms by pressing a certain sequence of buttons, and contains an automatic password generator.  Its main downsides are that it doesn’t offer backups in “the cloud”, and that the interface takes a little getting used to.

Best paid password managers

RoboForm

(www.roboform.com)

RoboForm is a password manager that features many of the same features as LastPass and Dashlane, including a form auto-filler and random password generator.  However, it places a higher priority on being user-friendly, with no advertisements, a handy “start page” to let you get to your favourite websites quickly, and a search bar that puts a search engine at your fingertips.  Unfortunately, the free version only allows you to save log-in information for up to 10 accounts.  And, similar to Dashlane, you need a paid subscription to store a backup of your passwords in “the cloud”, or be able to use the same information in RoboForm across all of your devices that use it.

PasswordBox

(www.passwordbox.com)

PasswordBox is a somewhat unique password manager.  In addition to having standard password storing and secure sharing functions, it also has a notable feature called the Legacy Locker.  This allows you to let someone else access your passwords on your behalf if something happens to you.   The main disadvantages of PasswordBox are that its free version only allows you to store a certain number of log-in credentials (though the paid version removes this), and that it doesn’t have a feature that allows you to check your password strength.  It also doesn’t have a feature that automatically fills out web page information forms for you.

 

Overall, we’d recommend Dashlane or Sticky Password if you want lots of features for not a lot of money, RoboForm or PasswordBox if ease of use is your top concern, and KeePass if you’re a little more tech-savvy and just want something that’s simple but functional.  Of course, we’d love to know what you think of these password managers if you’ve used them, or perhaps some other ones that you’d recommend as alternatives.  Leave a comment below, or give us a shout on our Facebook or Twitter pages!


Are Password Managers Safe?

For the most part, password managers like Dashlane.com and StickyPassword.com are a very safe and practical solution when it comes to storing and organizing your passwords.  They encrypt all passwords that you put inside of them, so if anyone tries to break into them, your passwords will appear as incorrect gibberish. 

Also, many password managers allow you to automatically and securely complete forms of information that you're often asked for when you sign up for accounts or pay for things.  This protects against certain hackers and forms of spyware that can track the actual keys that you press when you type in your information.  Some can also check the credentials of websites when you auto-enter your information, and alert you if one is trying to pull a phishing scam on you.

There are, however, three key risks when using password managers:

  • Most password managers rely on a master password in order to access them and scramble the information within.  If a hacker somehow breaks the master password on your password manager, they can get at all of your other passwords.

  • Password managers won't protect you against hackers or spyware programs that hijack your computer or web browser.  These will simply wait until you enter your password, and then steal your information or use your account without your permission once you're already logged in.

  • If you use a cloud-based password manager (see our What is The Cloud article for more information about "the cloud" and how it works), such as one on a website or inside your web browser, you face the same dilemma as when using other cloud-based services.  That is, you have to trust the company that supplies the password manager to hold onto your information for you.

The only major risk is the first one; the other two are risks that people more-or-less inevitably take on the Internet these days, whether or not they specifically use a password manager.  And fortunately, there are steps you can take to keep yourself safe when using a password manager, too.

Tips for using password managers safely

1.  If possible, use a web-based password manager.

We know that we just said that using cloud-based services can be risky, as it means putting your information into someone else's hands.  However, it's generally safer to use a cloud-based password manager as opposed to one on your computer desktop. 

The reason for this is that the companies that run cloud-based password managers have securely-designed server computers that are much better equipped to keep your information safe than your personal computer is.  If you use a desktop password manager, a hacker who takes control of your computer may be able to find the file that contains your passwords and force their way into it or delete it. 

2.  Use a strong master password.

As we mentioned, most password managers use a master password as the key to accessing the program, and sometimes mixing up your passwords while they're stored so that cyber-burglars can't make sense of them.  Therefore, it's a good idea to make your master password your strongest one.  See our How to Make a Strong Password tutorial for tips on how to make a password as secure as can be.

Also, never store your master password (or clues relating to it) directly on your computer.  Instead, if you need help remembering it, write it (or its clues) down on a physical piece of paper, and store it in a safe place where only you know how to get at it.

3.  Take regular precautions for protecting yourself on the Internet.

The biggest threats to your safety when using password managers are from hackers and spyware, which are general dangers that people face on the Internet every day.  Therefore, the easiest way to keep yourself safe when using a password manager is to follow the other general safety tips that we outlined in our Introduction to Internet Safety course.  These include:

  • Select and use a strong antivirus program, and keep it updated.

  • Keep your operating system, browsers, and other programs updated.

  • Know how to identify and avoid suspicious emails or websites.

  • Never give out information about your passwords over social media, email, or chat services.

  • Log out of your password manager and website accounts when you're done using them.

 

Follow these recommendations, and it should be smooth (and safe) sailing for you and your use of password managers!


What is a Password Manager?

A password manager is a computer program, web browser add-on, or website that allows you to store and organize the passwords for your accounts on various websites.  This replaces the need for you to remember them all in your head (which is pretty much impossible), or write them (or clues relating to them) down somewhere in real life and retrieve them from a safe place when you need them.

How do password managers work?

Some general features of password managers include the following:

  • Usually, a password manager scrambles the passwords that you put inside it, meaning that they appear as gibberish to anyone who breaks into it. 

  • Password managers usually rely on a master password, a single strong password that you use in order to both access your password manager and unscramble the information within it.

  • Many password managers allow you to input additional information, such as your address or credit card details, and can automatically fill out forms on the Internet where this information is required with a few clicks and button presses.

  • Some password managers have a function that allows you to check the security of both your individual passwords and your system of passwords as a whole (such as whether or not you use the same password for multiple websites, or have changed a password recently).

  • Many password managers contain the ability to generate random passwords for you to use.  See our Password Generators tutorial for more information on these.

  • Some password managers can make backup copies of your passwords and other details and store them in "the cloud" (see our What is The Cloud article for more information), so you'll still have them even if something happens to your computer.

How to use password managers

In order to demonstrate how to use password managers, we're going to show you one called LastPass.  It's a very popular and trusted password manager; you can find out more information about it — and other password managers that are similarly well-known like Dashlane.com and StickyPassword.com— in our Best Password Managers article.

1. Download a password manager, and install it and/or create an account.

The first step is to download your password manager from its website and open it up.  Now that we have it open, we need to create a new account.  This includes entering an email address, which is a standard credential for Internet accounts.

We also need to create a master password and a copy of it; this is going to be your primary line of defense against people wanting to get at your passwords without your permission, so make sure it's strong.  Some password managers, like this one, will help you out by gauging the strength of your master password.

As you can see here, we also have to enter a hint for our master password that can be sent to us by email in case we forget it, and agree to play by the rules of LastPass.  Now, we can click Create Account.

2.  Log into your password manager.

LastPass asks you to install it on your default web browser; simply allow this, and restart your browser if you have to.  Now, click on the LastPass Icon in your browser's toolbar at the top.

From here, type in your master password.  Make sure that the box beside "Remember Password" is unchecked; this prevents someone else who uses your computer (whether you let them or not) from logging into your account and accessing your passwords easily.  Then click Log In.

3.  Add your credentials for a website to your password manager.

LastPass allows you to add your log-in information for a website easily from the log-in screen, so let's find a website that requires that.  In this case, we've chosen Facebook.

Simply click the LastPass icon beside a place on a website where you have to enter log-in information, and click Save Site at the top.  Then, fill in the website name, pick a category for it, and enter your log-in credentials (email address, user name, phone number, etc.) and your password.  Then click the Save Site button at the bottom.

You can also add websites manually.  You can do this in LastPass by clicking the icon again, then clicking the Sites option, and then Add Site.

Then, just type in its U.R.L. address and site title, pick a category for it, and type in your user credentials and password (click the eye icon to reveal or hide your password).  You can also add notes about this website, and select whether you want other features of LastPass to be used on it.  When you're done, click OK.

4.  When you need to log into a website, call up your information.

Now, when you go back to a website that requires you to log into an account, you can open your password manager and find the necessary information.  LastPass makes it really easy:

  • Click the LastPass icon beside a box where you need to input your log-in information.

  • Select the account that you wish to enter information for from the drop-down menu.

  • Your information will automatically be filled in, so just log in!

 

Well, that's a brief introduction to what password managers are and how they work!  If you'd like to learn about how to use a specific password manager, let us know in the comments, or on Facebook or Twitter.  We'll put it on our "to do" list for courses!