arthead - stock.adobe.com
8 best password managers of 2023
A dedicated tool can help simplify password management and improve online security for individuals and enterprises alike.
Passwords are an everyday part of life, used to log in to work accounts, bank accounts, mobile devices and gaming devices. But it's easy to forget them and mix them up between accounts.
Many companies are moving to passwordless authentication for its promise to improve user experience and security.
A benefit of passwordless authentication is that people don't need to remember all their passwords, instead using a passkey. Users sign in to their devices using biometric authentication or a PIN unique to their device. Still, passkeys do have some downsides. For one, they are a relatively new technology, and many websites and applications don't support them yet.
Passwords are a well-established part of enterprise identity and access management that will continue to be used for the foreseeable future. As such, companies should practice strong password hygiene by following these guidelines:
- Use passphrases, or a couple of long words strung together.
- Use unique passwords for every login.
- Change passwords at regular intervals.
- Use multifactor authentication whenever possible.
- Use password managers.
Why password managers are used
Passwords are inconvenient in just about every way. Coming up with a creative password that is both memorable and difficult to guess is a challenging task. To follow the above password hygiene rules is difficult for many people. Writing passwords down on a piece of paper or storing them on a USB drive or in a text document somewhere are all risky.
Password managers allay this struggle by providing a convenient and secure place to store all passwords, along with these basic core functions:
- device syncing
- storing existing passwords
- generating new passwords
- updating old passwords
- autofilling password forms
With a password manager, users only need to remember one master password to access the encrypted store of all their other passwords.
Web browsers and OSes sometimes come with their own integrated password managers, but a dedicated password manager application gives users the most control and flexibility.
Some factors to consider when choosing a password manager include the following:
- Online security audits. Be sure the password manager provider publishes third-party security audits as proof of its ability to protect sensitive data.
- Password storage limit. Some password managers only store a set number of passwords, while others are unlimited.
- Privacy policy. A password manager's privacy policy discloses the entities it shares data with.
- Compatibility. A good password manager is compatible with multiple hardware and software types. It should work between different web browsers, such as Chrome, Edge and Safari; different OSes, such as Android, iOS, Windows and Linux; and different devices, such as laptops and desktops.
- Ease of use. A good password manager should have a user-friendly, intuitive user interface.
- Biometric support. Password managers should be able to accommodate tools such as fingerprint readers and Face ID.
- Price. Password managers are often billed yearly and shouldn't generally cost more than $60 a year.
- Password sharing. Password managers should enable secure password sharing between users.
Top password managers
There are several dedicated password managers out there for consumer and enterprise use. These are some of the best:
1. 1Password
1Password is a paid password manager app that gives users the option of a free trial before signing up. It supports two-factor authentication and biometric authentication. It features a travel mode, which protects sensitive user data when crossing borders. Users can mark which data is safe for travel; data that isn't marked is removed from devices when travel mode is on. There is also a secure data-sharing service called Psst that lets users send a temporary link to share passwords and other information on the app. 1Password can be used with plugins for major browsers such as Chrome, Edge and Firefox.
2. Bitwarden
Bitwarden is a free and open source password manager. It supports passwordless authentication and biometric authentication. Bitwarden gives users the option of setting up their own server to sync passwords. The organizations feature enables secure password sharing with a specified group of people. The premium offering gives users additional customer support, encrypted file support and a password hygiene report.
3. Dashlane
Dashlane is a paid password manager with a free version available. The free version limits users to one device, 50 passwords and password sharing to five accounts. One unique feature of Dashlane is its bulk password changer, which resets many user passwords at once. Dashlane's premium plan includes a VPN provided by AnchorFree. Dashlane also offers a more expensive plan called the Friends & Family subscription, which provides dark web monitoring and up to 10 individual accounts.
4. KeePass
KeePass is a free and open source password manager that only stores data locally. This eliminates the possibility of user passwords being leaked by the vendor in the event of a data breach. KeePass is highly customizable, but requires users to sync passwords themselves using a file-sharing service. KeePass integrates with a wide array of browser extensions and plugins.
5. Keeper
Keeper is a paid password manager with an offline mode so that users can manage passwords without internet connectivity. It supports biometric authentication and two-factor authentication. It also has a one-time share feature that lets users share links that only work on one device and expire at a designated time. However, it is possible a user could lose their passwords if their computer malfunctions or fails.
6. LastPass
LastPass has free and paid tiers. The free tier syncs passwords on computers or mobile devices, but does not sync between them. It also has a password generator and lets users store unlimited passwords. The paid tier allows users to sync between all devices, supports physical two-factor authentication keys and monitors accounts on the dark web. LastPass disclosed data breaches in 2022. Customer data was exposed, drawing criticism from information security experts.
7. NordPass
NordPass is a password manager from NordVPN. NordPass has both free and paid plans. It has biometric support for desktop apps and two-factor authentication. The premium version lets six devices be logged in at once. NordPass also offers annual discounts.
8. RoboForm
RoboForm is one of the older offerings on the list, but has all the basic features needed from a password manager. It is known for its form-filling feature. It also has password sharing, two-factor authentication, data breach exposure notifications and a password generator. The free option doesn't sync across multiple devices.