A few years back the breadth of our internet surfing was limited to maybe half a dozen sites. With the explosion of apps, services and platforms on the internet over the last decade, the number of accounts, and thus credentials, we need to use has skyrocketed.
Passwords, along with the usernames, are the primary layer of security for our online accounts. Their importance is often overlooked and this leads to security breaches and theft of the user’s personal data.
We cannot have any influence over the security infrastructure of the services we use, but we do have complete control over the passwords that we use, and we must make it a point to keep them as secure as possible.
A Password manager can help you save time and avoid frustration while keeping your accounts absolutely secure.
How to Decide on the Best Password Manager for you?
Everybody’s needs are different and we wouldn’t presume to tell which password manager is best for you. In our opinion, a few factors are critically important for most users, while other features are mostly good to have, but you can do without them.
6 crucial factors to consider when selecting a Password Manager
#1 Pricing – Free or Paid
Are you looking for a free password manager? You have some excellent open source options or a few closed-source which are often limited versions of the paid version.
Are you willing to pay for a password manager? If yes, then you’ll get some solid choices. Platform dependency may also have an impact on pricing of the password manager. All password managers follow their own pricing structure and can have different pricing for single-platform or multi-platform license.
#2 Multi-Platform Support – So that you can access your passwords anywhere
Which platforms do you use regularly? Most of the password managers support Windows, OS X, Android, and iOS natively but not Linux. Some password managers have native support for Linux as well, but most rely on supported browsers to give you access to your passwords. You can use supported platforms as a criterion for shortlisting your password manager.
#3 Browser support – So that you can keep using your favorite browser
Browser support is offered by most password managers as a complementary feature, though it is a very crucial one. If the browser you use the most is not supported, all of your account logins would have to be manual. Copy pasting usernames and passwords each time is as tedious as it sounds. So, verify support for the browser of your choice when shortlisting your password manager.
It is safe to assume that Chrome is supported, followed by Firefox. There is decent support for Safari and then some for Opera. Beyond that, I wouldn’t keep much hope.
#4 Data Encryption and Storage Practices – It’s all about Security
Are you comfortable with your password vault being stored in the cloud? Or do you want it completely local? Password managers, being security products, follow the industry standards for data security and use AES 128 or AES 256 encryption. Data encryption is usually done locally, and if it is not, you should take a serious look at their FAQ and understand how they are handling your data.
The single point of failure for all password managers is your Master Password. If you forget it, it is possible that your passwords are permanently lost. If it is leaked or exposed, the entirety of your password vault is at risk. Ultimately, the security of your passwords is in your hands and that’s why you should consider enabling two-factor authentication for your chosen password manager.
#5 Two-Factor Authentication – To add an extra layer of security
Two-factor authentication is a system of identity verification where you are required to verify your identity on a second device or via an authentication app (like Google Authenticator). This is a huge factor in improving the security of your data, as it cannot be decrypted without your master password and the second authentication code.
#6 Data Sync – To keep your info updated across devices
If you want to access your passwords on multiple devices, you will need to have your password vaults synced across devices and platforms.
Some of the password managers come with inbuilt sync feature. Enable the sync feature and they will take care of keeping your data in sync for all of your authorized devices. For some other password managers, like KeePass, you can use sync services like Dropbox, Box, Google Drive or iCloud to keep the password vaults in sync.
Other Important Factors to Consider
Password Generator – So that you don’t have to rack your brains to come up with complex, secure passwords
Password generators are useful to create secure, difficult-to-crack passwords with a single click. Ideally, your password manager will offer to generate a password for you when you are signing up on some site and, of course, fill in the same generated password in the ‘confirm password field.
Password Capture – So that new passwords or updates are captured automatically
Any new account that you create on a website is captured automatically. Also, if you change the password, the change is detected and you can replace the existing password with the new one.
Password Audits – To be able to see the status of your passwords
Password managers can analyze how safe your passwords are and let you know which passwords need to be changed. They also keep track of the last time the password was changed, indicate they password are old and need to be changed.
Password Changer – To set a new password for your account in a single click
Some password managers can help you change the passwords for your accounts. It does not work for all sites, though. For some sites, it just redirects you to the URL where you can change the password, and the browser extension captures it once saved. For others, you can change the password right there in the app with just one click. In any case, it is a cool feature to have.
Security Breach and Compromised Password Alerts – So that you can change your password in a timely manner
Security breaches and data leaks occur. It’s usually not a matter of if but when. Some password managers keep a tab on data leaks and security breaches around the web, and if you use a service that suffered from the breach, you get an alert to change the password for your account.
Works with Apps – As we spend a lot of time on our smartphones
Native apps for iOS and Android are capable of providing full functionality of a password manager, which includes logging you into websites or even apps. Not all password managers may support it, and it may be flaky at times, but it is a really useful feature to have your credentials entered for you instead of typing away on a tiny keyboard.
Online and Offline Access – To have uninterrupted access to your data
Offline access is usually not a problem for most password managers. If you sync your password vault across devices, though, you will have to be online at least once to get all of your passwords and latest changes synced to your device. Once done, you can access all the data offline.
Password Sharing – Because someone besides you may need to access the same account
Sharing is important when it comes to accounts besides personal emails and banking. You might need to share accounts for social media, forums or services that you use with a colleague or a trusted friend. Instead of copy-pasting it over a messaging app, secure sharing via the password manager is definitely a better option.
Also, it gives you ongoing control and you may revoke the access if you need to.
Secure Notes and other data – So that any information you need is easily accessible
Password managers can go beyond usernames and passwords and can securely save your documents, licenses, financial information and any other generic information, and enable easy access for you as and when required.
User Profiles – So that you can use any of your online profiles on the fly
Most of us have multiple online profiles, or if you are sharing the password manager with your family, all the members will have individual profiles. While filling web forms, a support for multiple user profiles can make your task completely trivial.
Emergency Will – So that your passwords can be shared with someone in an emergency
Wouldn’t you like your spouse, sibling, parents or a trusted individual to have access to your password vault at times of emergency? This feature lets you do just that.
Import and Export Data – So that you are not locked in
You can import data from browsers or even competing password managers. If required, you can export the data in your password manager, usually to an excel document.
Let’s take a look at the password managers mentioned here and see which one is best for whom.
Dashlane is a freemium, cross-platform password manager with a very nice UI. It is a feature rich tool with most features that you can look for in a password manager. It supports all the popular browsers, has it’s own browser for usage on mobile platforms and I love the seamless sync and sharing features it offers.
Dashlane Free is ideal for use as a full-fledged local password manager. The free version is good for a single platform or when you do not need cross-platform sync.
Dashlane Pro opens up the full functionality of the tool, offering seamless sync and unlimited sharing. Dashlane authenticates users by devices and web access from any device is available for Pro plans. I love using Dashlane as it takes many security concerns, like generating, capturing and entering credentials and security breach alerts, off my hands and saves tons of time and effort navigating tons of sites on a daily basis.
The premium version of Dashlane, at $39.99 / year, is expensive compared to the competition.
LastPass is a veteran tool in the field of password managers. LastPass has grown to be a leader in this field on the basis of being a functional, feature rich application and having a large user base. It has extensive support across platforms and browsers, and even offers a portable version.
LastPass is probably the best freemium app out there when considering the balance of premium version pricing and the features offered by the paid version. The premium version of LastPass is $12 / year and adds the capability of managing desktop application passwords and more control over sharing of a password.
If you are looking for a free, closed-source, cross-platform password manager, LastPass is a good option to consider.
KeePass is the veteran leader of open source password managers. KeePass was developed for Windows and works smoothly on the platform. It has a huge, active community of users who have created ports of the password manager for different platforms, plugins that extend the functionality of the software and extensions for browsers as well.
KeePass is free, but the ports to some of the other platforms can be paid. Being open sourced and free, it does not have the bells and whistles of many of the other password managers. It also has a dated UI that may need some getting used to. You will have to take some efforts to set it up with all features that you want, and use third party tools like Dropbox to achieve sync across platforms.
The downside of using ported versions is that improper implementation of the software can cause data corruption. I have been at the receiving end of this – the KDBX file containing all of my passwords blew up from a few KB to over 200 MB, making it bloated, difficult to sync and almost unusable on mobile. This problem was my primary inspiration to look for an alternative to KeePass.
1Password started as a password manager for Apple platforms and extended support for other platforms later. It is a feature rich password manager that goes head-to-head with Dashlane and LastPass in terms of functionality but falls short on the the free side of the software. 1Password can be used for free for one month, but once that is over, you have to go premium.
Traditionally, 1Password Pro plan meant buying a license for platforms that you want supported. If you go that way, you might need to buy a new license when a new version of the software is released.
The other option is to get a monthly subscription plan at $2.99 / month totaling to $35.88 / year. There is also the option to go for a family plan that starts at $4.99 / month for 5 users and allows additional users for $1 per user per month.
Security Goes Beyond Using a Password Manager
To keep your passwords safe, you need to adopt general security practices so that your master password is not inadvertently compromised.
Best Security Practices While Using a Password Manager
- Don’t share your password manager with anyone, unless you absolutely trust the person. You might want to set up the Password Will instead.
- Use 2FA (Two Factor Authentication) with your password manager, if available.
- Don’t use the password manager on shared / public systems. If you have to, you should try to use a one-time password.
- Don’t use cracked / pirated versions of operating systems. These versions, often torrented, can be cracked to inject key-loggers in the OS, causing them to capture all of your keystrokes – including your master password.
- Use an antivirus. A malware infection can compromise your system.
- Don’t allow your browsers to remember the passwords.
- Always keep your system locked when you move away from it.
Dashlane Vs. LastPass Vs. KeePass
|Browser Extension||Yes||Yes||Yes (Started out as a browser extension)|
|Auto-Login||This feature can be added by utilizing a plugin for KeePass||Yes||Yes|
|Compatible on All Devices||Yes. Compatible apps are available on all platforms.||Yes||Yes|
|Cloud-Based||No. But Portable version can be synched across all devices.||Yes (With a $29.99 Annual Subscription)||Yes|
|Two Step Verification||Yes. Asks for Windows Login and a Key File which makes it a 3-step verification.||Yes. Via Google Authenticator||Yes. Via Google Authenticator|
|Integrates with Google Authenticator||No||Yes||Yes|
Most people have some common questions when it comes to security and the way your passwords are handled while using these tools.
The Bottomline: Use a Password Manager.
I use Dashlane password manager, having migrated over to it from KeePass. It might be a good password manager for you too, or you can consider one of the several mainstream password managers. You can use the factors mentioned here for shortlisting one that meets your needs.
Which password manager do you use or plan to use? Which password manager would you like us to look into next? Let us know in the comments!