4 Top-Rated Password Managers to Protect Your Online Accounts
When it comes to creating logins for online accounts, people typically choose a common or easy-to-guess password and then use it multiple times, said Kevin Lee, a researcher and alumnus of the Center for Information Technology Policy at Princeton University. In general, he said, these “extremely bad” passwords leave information vulnerable to cybercriminals — something a password manager can help remedy.
“A password manager is a tool that stores and generates the login credentials for your online accounts,” Lee explained. It’s a security measure you can take advantage of to avoid identity theft and hacking, and it eliminates the need to remember every single password.
LEARN MORE What is a password manager? | Should you use a password manager?
There are a handful of password managers to choose from – some of them come pre-installed in your browsers, while others can be installed as standalone apps. We spoke to experts about how a password manager can make you more secure online and rounded up four top-rated and recommended options.
Expertly Guided Password Managers
Since we don’t test password managers ourselves, we rely on expert guidance and staff experience to determine which password managers are the best. In line with our experts’ advice, we only recommended external password managers (we explain the difference between external and browser-based password managers below). You can download all of the following administrators as apps or browser extensions. Our recommended choices offer personal, family and business plans.
1Password
Select Reporter Harry Rabinowitz has used 1Password for years and has found it to be a good option for most people. It allows you to store unlimited passwords as well as other items, such as credit cards, bank documents and tax files.
It’s available as a personal account or a family plan, which lets you invite up to five guests to your account, restore accounts for banned users, share passwords, and more. Rabinowitz uses the Family Plan, which has helped tremendously in reducing the “What’s the password for…?” conversations in his family group chat.
The Bitwarden
Bitwarden is another top-rated alternative known for its robust free version. The free plan allows you to store an unlimited number of passwords on an unlimited number of devices, which most competitors put behind a paywall. The free plan can be used by up to two users, according to the brand.
Bitwarden Premium and Families offer additional features, such as two-factor authentication, password reports, credit card storage, identification storage and more.
Keeper
Keeper is similar to 1Password and Bitwarden, but features an offline mode for when you need to access your passwords off the web. Another notable feature is emergency contacts: you can add up to five contacts who can access your account in an emergency.
A personal account has both free and paid versions, while the family version for five people is only paid. Like 1Password and Bitwarden, Keeper allows you to store identity and payment information as well as sensitive files.
Dashlane
Dashlane has similar features to our other recommendations, but the premium plan comes with a VPN service. VPNs are inherently expensive; Combining a password manager and a VPN together makes Dashlane premium a good value.
In total, you can choose between a free, premium or family subscription. The free version stores up to 50 passwords for one device. Like other password managers, Dashlane Premium generates passwords for you, stores passwords and documents, and allows for a family plan with up to six members.
What is a password manager?
A password manager randomly generates and automatically fills in your passwords when you set up an account online, Lee said. It also stores all the unique passwords it creates for each of your accounts, meaning you don’t have to remember them.
To start using a password manager, you must first create a primary password, sometimes called the master password. Lee said you use the primary password to authenticate yourself to the password manager, giving you access to all the information it stores. That way, you only need to remember your primary password; your password manager remembers all of your other passwords, including the ones it generates for new online accounts
All information stored on your password managers is encrypted – or encrypted – before it is stored on the server. It can only be decrypted by you when you enter your primary password. This is why it’s so important to remember your primary password—the password manager doesn’t store it for you. That way, only you can “unlock the contents of your vault,” Lee said.
In addition, some password managers offer two-factor authentication. This can take the form of a fingerprint, a code on an authentication app or a code sent via email or text message. Two-factor authentication is a great way to add another layer of protection to your data.
Browser-based versus external password managers
There are two types of password managers: browser-based and external. Each has its own pros and cons, but no matter what you choose, using any password manager is better than not using one at all, Lee said.
- Browser-based password managers is linked to browsers such as Google Chrome, Apple Safari or Mozilla Firefox. This means that you only have access to the passwords stored in the specific browser or mobile app. Browser-based password managers are usually free.
- External password managers – also called third-party password managers – can be installed on your desktop, as an app or as a browser extension. All our recommended managers are external. External password managers are usually available with free and paid versions, which affects the features and services they offer.
Lee said that both types of password managers can sync across your devices as long as they’re installed and signed in to those devices.
Should you use a password manager?
Everyone can benefit from a password manager. Password managers are useful because they help you avoid two of the biggest mistakes people make when generating passwords: using common passwords and reusing the same ones for multiple accounts.
In general, Lee said people use very common passwords when creating them — such as 123456 — which makes it easier for cybercriminals to gain access to accounts. In fact, attackers will almost always use a list of common passwords when trying to guess the password for an account. Since password managers randomly generate unique passwords, they are more challenging for cybercriminals to guess.
Password managers are also useful because many people reuse the same password across multiple accounts. Lee said the typical user has over 150 accounts, but trying to remember over 150 different passwords is challenging. If one of those sites suffers a password breach, all the accounts using the same password are at risk of being hijacked, Lee said. With a password manager, you ensure that you do not reuse passwords, which also makes it challenging for cybercriminals to hack into your accounts.
Meet our experts
At Select, we work with experts who have specialized knowledge and authority based on relevant training and/or experience. We also take steps to ensure that all expert advice and recommendations are provided independently and without any unknown financial conflicts of interest.
- Kevin Lee is a researcher and alumnus of the Center for Information Technology Policy at Princeton University.
Stay tuned for Select’s in-depth coverage of personal finance, technology and tools, wellness and more, and follow us on Facebook, Instagram and Twitter to keep up-to-date.
