Over the past year, 4.2 billion passwords have been stolen. This extraordinary number should worry anyone who is dealing with the Internet.
The US Federal Trade Commission analyzed what is happening with these credentials once they are stolen. The stolen logins to Facebook, Google, Netflix, and online bank accounts are published on hacker forums.
On average, it takes only nine minutes to hack your account. Since two out of three users use the same password for several services, a stolen key opens many doors at the same time.
The above number also demonstrates that now passwords can be stolen not only from those individuals who become the victims of the phishing scam.
Hackers are aiming for large services, which promise them a huge profit. Among others, huge IT concerns such as Yahoo! and Uber became the target of hackers.
Recent researches showed that some time ago, the average amount of passwords reached 20 to 30 per user. The latest figures show a much larger number. Password managers, used for corporate purposes, averagely stores 191 passwords. But even those people who use only ten accounts, very often ignore the basic protection rule: not to use a password for more than one account.
This is the problem the seven password managers we tested help to solve. They act as a safe for secure passwords and work on Android, iOS, MacOS, and Windows. They centrally store all passwords in one place.
These products use strong AES encryption with a virtually unbreakable 256 bits key for protection. Such a database can only be unlocked using the correct master password.
Thus, the user is not required to remember the password for each of his account, but only the one master password that opens the safe holding all the other codes.
Two Basic Principles
All the products we tested work on two different principles: online service and local storage. Each of them has its own pros and cons.
Most of the platforms are online services. They store the encrypted password database in their data centers.
For the user, this is the most convenient solution, as they can use the passwords not only on a desktop computer but also on smartphones and tablets.
In this case, to start the synchronization, it is enough just to enter the master login and password information. All codes will be at your fingertips anytime, anywhere.
However, such services require you to trust the provider and believe that the hackers cannot access the master password and the database in any possible way.
The second basic principle the developers choose is the local storage of the password database. Its major advantage is that the user has complete control over the safe.
This method is less convenient since you are the one that has to think about how to get the passwords from your smartphone.
Also, most solutions provide the two-factor authentication. This means that in addition to the master password, you need to enter the second factor to access the repository.
The second factor of authentication can be a QR code, your fingerprint, a code in a text message sent to your phone, etc. You can be sure that even if the master password of the database falls into the wrong hands, the perpetrator will not be able to access it.
7 Best Password Managers in 2018
Supported platforms: Web, Mac, Windows, Linux, Chrome, Firefox, Safari, Internet Explorer, Opera, Microsoft Edge, Android, iOS, Windows Mobile.
Pricing: limited free version, Premium — $2/mo for 1 user, Families — $4/mo for up to 6 users.
When installing it on a computer, the app suggests adding an extension to store passwords in the browser. For smartphones and tablets, there are the applications available in the respective app stores.
Data is encrypted and decrypted at the device level. Not even LastPass itself has access to the main password and decryption keys.
You can share passwords with colleagues and family members, choosing whether they will see the code itself or just get access to the service for a certain time. LastPass authorizes the user on sites using the saved passwords.
- Effortless login and access to all your passwords: all you need is only one master password.
- Simple online payments: the application automatically fills in all the payment details.
- Strong password generation: you don’t have to think about complex combinations.
- Storage of all other authentication data not only passwords.
- The free version comes with a great set of features.
- Affordable pricing plans, attractive family plan for up to 6 users.
- Powerful two-factor authentication feature.
- Supports almost all possible devices, both desktop and mobile.
- Intuitive user-friendly interface similar when used on different platforms.
- The standalone app is available only on Mac. For all other operating systems, you will have to use the browser extensions.
Supported platforms: Web, Android, iOS, macOS, Windows, Linux.
Pricing: Free (50 passwords on 1 device), Premium (without limits) — $3.33/mo.
After installation, Dashlane will check the database and if it detects any weak, duplicate or damaged passwords, it will suggest replacing them.
If the site you are using has been hacked, the manager will warn you about it. In addition, Dashlane can store data from bank cards and accounts, as well as invoices for purchases from online stores.
Dashlane offers intuitive apps for your iPhone or Android device which makes it easy to manage.
- Password storage and automatic fill. Do not type the passwords and fill in huge online forms anymore — the service will save and fill the personal information, payment details, and passwords.
- Password generator to create really strong and unique passwords with one click.
- Secure Notes to protect the important information and sensitive documents.
- Identity Dashboard to control your security from any available device.
- Personal alerts to inform you about your personal data leaks.
- Wi-Fi protection via the built-in
- Secure sharing with anyone you trust (family members, friends or coworkers).
- Instant synchronization between all devices.
- Strong encryption protocol.
- Great user-friendly
- Smooth instant synchronization.
- Supports all the popular operating systems and browsers.
- More expensive than some competitors.
Supported platforms: macOS, iOS, Windows, Android, Linux, Command Line, Chrome OS, Google Chrome, Microsoft Edge, Opera, Firefox, Safari, as well as 1Password X — autonomous browser extensions without desktop application.
Pricing: individual plan for $2.99/mo and family plan for $4.99/mo for up to 5 users.
The software is able to work without network connection as well as synchronize storage via network folders, Wi-Fi or cloud drives such as Dropbox and iCloud. You can configure access for other users or specify trusted contacts.
The manager runs on Windows and macOS and also has extensions for popular browsers: Firefox, Opera, Chrome, and Safari. The mobile applications are available after purchasing a license. However, they have a trial period of 30 days.
- Unlimited amount of devices to use the service everywhere at any time.
- Digital wallet to store personal data like receipts and credit cards.
- Watchtower to alert the user about online threats.
- Friendly high-quality technical support.
- Advanced encryption with the highly reliable AES-256 protocol.
- Travel mode clears the sensitive data stored on your devices and restores them when you come back home.
- Strong and powerful password generator.
- Special version for slow computers.
- Powerful form filling.
- Offline mode to work without an Internet connection
- Great categorization
- Smooth synchronization.
- Supports almost all possible devices and platforms.
- No two-factor authentication.
- Quite expensive plans.
- Not the easiest interface to cope with for beginners.
Supported platforms: Android, iOS, macOS, Windows, Linux, Chrome OS, Google Chrome, Mozilla Firefox, Opera, Safari, Microsoft Edge.
Pricing: Limited free version, individual plan for $23.88/year, and family plan for $47.75 for up to 5 users.
RoboForm will not only save passwords but it will also protect you from phishing attacks. The application remembers what the correct link to the service looks like and warns the potential danger when the user enters any authorization or payment data.
RoboForm can be installed on mobile devices for free but the synchronization with a computer is possible only after paying a subscription.
- Easy login on every website with one click.
- Automatic password safe without any additional efforts.
- Access from any device and major browsers.
- Instant synchronization between all the devices.
- Access in offline mode on desktop computers.
- Password storage in folders makes them easy to be found with the powerful search feature and create bookmarks for the most used items.
- Import and export feature.
- Password generator to create unique, strong, and reliable passwords.
- Security center to control password
- Ultimate AES 256 bit encryption with PBKDF2 SHA256: no one will be able to hack your account.
- Two-factor authentication working with the most popular providers including Microsoft Authenticator, Google Authenticator, and Authy.
- Trusted contacts for emergency access.
- Store sensitive financial information not only passwords.
- User-friendly 24/7/365 customer support in live chat mode.
- Instant form filling.
- Affordable pricing plans, timeless free version.
- Works on a bunch of platforms and devices.
- The web interface in read-only
- No synchronization in the free version
- Outdated design on some platforms.
Supported platforms: Windows is the only officially supported platform. There are also unofficial ports for Mac OS, Android, iOS, Windows Phone, Windows Tablet, Pocket PC, BlackBerry, Chromebook, J2ME, Palm OS, Command Line, Linux, browsers, and web servers.
Pricing: free and opensource
Free open source password manager. Despite its outdated interface, it offers a high level of security. The application has a portable version that can be downloaded from a flash drive without the need of installing it on a computer.
KeePass does not have a sync feature. You can transfer the database on a flash drive or use cloud storage to access the passwords on different devices. If you store the portable app and its database in the cloud, then no other synchronization is required.
- Powerful security with strong protocols.
- No installation required, accessible on any device via the cloud storage.
- Export to HTML, TXT, CSV and XML formats, import from a lot of other formats.
- Sorting of the passwords, convenient search feature.
- Random password generator.
- Plugins support.
- Powerful features, rich customization abilities.
- Logins and passwords can be imported from many browsers and password managers.
- Manages the passwords in many applications.
- Portable and lightweight.
- Difficult setup and outdated
- No automatic synchronization between the devices. You may require specific skills to set up everything manually.
- Does not automatically capture new credentials.
Supported platforms: Android, iOS, macOS, Windows, BlackBerry, Amazon Kindle Fire, Nokia X.
Pricing: limited free version, premium version for $29.99/year or $149.99 for a lifetime license.
This is a manager from the developers of AVG antivirus that can capture data even from old forms and manage application passwords. Supports direct synchronization via Wi-Fi. The service does not provide access to passwords online, which increases the security level.
- One master password to access all the data on any device including passwords and credit cards numbers.
- Automatic forms filling.
- Extra strong password generator.
- Military level AES‑256 encryption.
- Synchronize the passwords and other data via the local Wi-Fi network, via the cloud server, as well as manually in the offline mode.
- Absolutely anonymous master password.
- Fingerprint scanners support.
- Password database automatic locks on any device to prevent any unauthorized access.
- Full control over your passwords.
- Supports all the popular platforms, operating systems, and devices, including 16 most popular browsers on 4 major platforms.
- Excellent portability — Use the application on a USB
- Encrypted database backup to access it in extreme cases. You will be able to access several versions of backup files.
- User-friendly intuitive interface with a bunch of excellent features.
- Ability to sync the passwords via the home Wi-Fi network only.
- The chance to buy a lifetime license.
- The application stores the passwords from all other desktop and mobile apps.
- Reliable and helpful support team.
- Cannot securely share the passwords with other users.
- Quite outdated and not attractive web interface.
Supported platforms: iOS, Android, MacOS, Windows, Windows Mobile, Chrome OS, Linux, portable.
Pricing: free desktop application, lifetime license for $9.99 per each mobile platform.
Enpass offers two data storage options: locally on the computer and remotely in the cloud. By default, the passwords are stored locally but when you turn on the synchronization, the data is transferred in an encrypted form via Dropbox, Google Drive, OneDrive, and other storages.
Together with Enpass, the service provides a password generator where you can choose the code generation parameters (length and use of certain characters). The generator is built into the add password window, which allows you to quickly create complex keys for different accounts.
- Highly reliable cryptography algorithm: 256-bit AES with 24,000 rounds of PBKDF2 with the peer-reviewed and open-source encryption engine SQLCipher.
- Master password to access all the data. Keep in mind that if you forget it, you will lose your data forever.
- By default, the data is stored locally. However, you’re able to choose a lot of cloud storages to save it online. Your passwords are never kept on the company’s servers.
- Free to use on the desktop computers.
- Default offline storage.
- A wide range of supported cloud storages.
- Undeveloped desktop interface.
- A limited set of features.
- No two-factor authentication.