The Ultimate Guide to the Best Password Managers in 2020

Why should you use a password manager?

Its simple. If done right, password managers can help you keep your accounts secure. Password managers afford better security and ease of use for passwords when accessing online goods and services.

Security

Password manager applications allow you to generate unique, long and complex passwords which can help you achieve superior password security. You can then store these generated passwords in secure and encrypted storage either through a local or cloud-based vault.

Convenience

It can also be convenient to use single master password to access the password vault rather than having to to memorise loads of different passwords for all of your online/offline accounts. Moreover, some of the password managers allow you to conveniently and securely store credit card and other secure information to your vault.

Password Fatigue

Password fatigue is something a lot of people these days experience whether or not you work in IT. It is the result having to remember an excessive number of passwords as part of people’s daily life, such as to logon to a work computer, access online banking or online social networks.

Password management applications can attempt to mitigate some of the problems of password fatigue by storing passwords in an encrypted password vault protected with a single secret.

However, password managers aren’t the only solution for password fatigue, companies can use other solutions:

  • Single-sign-on also known as SSO. This is where you sign into just one system and as long as this system remembers you are signed in, it can “pass” your authentication to other systems and websites. This can be a little difficult for person use due to its nature of implementation.
  • Integrated password management software. This where your computer operating system can use your login passwords to store and retrieve credentials. An example of this is the Windows Credential Manager.

Personal password manager

Personal password managers are for the use of individuals to store private passwords and other important information. These can help individual users assisting to generate and retrieve complex passwords and storing them in encrypted vaults.

These type of password managers  require an individual to generate and remember one master secret access any information stored in password vaults.

Group password manager

Group password managers store passwords and and other important information to be shared by group of users in a company which can useful collaborating as part of a team. This can reduce password sharing through instant messaging apps which can sometimes very unsecure and against company policies.

Users can also store other information such as names of databases and their instances in a secure manner that can then be shared with rest of their team.

Dashlane

FREE and PAID.

Dashlane OS and cloud based password manager available on PCs (macOS, Windows) and mobile (iOS and Android).

Dashlane was one of the earlier password managers which now offers other services including:

  • Multi-factor authentication
  • Automatic Form Filling
  • Password Generating
  • Digital wallet
  • Security Breach Alert
  • Virtual private network

One of the unique features of Dashlane is that they offer Dark Web Monitoring.

There two plans on offer for general users.

The free version includes all of the below features
  • Up to 50 passwords
  • 1 device
  • Form & payment autofill
  • Securely share up to 5 accounts
  • Personalized security alerts
  • Two-factor authentication

The premium version (USD 3.33/MO – billed annually) includes all of the below features

  • Unlimited passwords
  • Unlimited devices
  • Form & payment autofill
  • Securely share unlimited accounts
  • Personalized security alerts
  • Two-factor authentication
  • Dark Web Monitoring & alerts
  • VPN for Wifi Protection

Additionally if you are after a business solution there are other options.

HackerOne bug bounty program

If you have some serious skills, then Dashlane may reward eligible reporters of qualifying vulnerabilities through their bug bounty program. How much you will get really depends on the severity of the bug or vulnerability you find in their software.

1Password

FREE and PAID.

Ddeveloped by AgileBits Inc, 1Password allow users to store various passwords, software licenses, and other sensitive information in a virtual vault that is locked with a PBKDF2-guarded master password. 1Password stores the encrypted vault on the company’s servers.

The software can also be configured so that files are synced through storage platforms such Dropbox, WLAN, and iCloud (iOS and MacOS) and through 1Password.com.



Travel Mode

In 2017 this feature was introduced enabling users to tag password as ‘ safe for travel’ on local device storage. This can be particularly useful to users who want to only travel with the passwords they require.

Cross Platform integration

Desktop web browser extensions for 1Password are compatible with Safari, Chrome, Firefox, Edge, and Opera. Extensions can remember logins for accounts, fill in website login forms automatically. 1Password can also be used to generate random passwords for new account or replace an existing password.

Additionally, 1Password has also developed a standalone extension called 1Password X currently supported in Firefox, Chrome, and Opera. 1Password X is designed to work without a the companion desktop software, but still requires a subscription.

1Password offers iOS and Android integration with browsers and apps using various methods.

There two plans on offer for general users.

1Password version (USD 2.99/MO – billed annually) includes all of the below features

  • Apps for Mac, iOS, Windows, Android, Linux, and Chrome OS
  • Unlimited passwords, items, and 1 GB document storage
  • Friendly 24/7 email support
  • 365 day item history to restore deleted passwords
  • Travel Mode to safely cross borders
  • Two-factor authentication for an extra layer of protection

1Password Familisies version (USD 4.99/MO – billed annually) includes all of the below features

  • All the 1Password features, plus…
  • Share with 5 family members – from any household. Invite more for $1 each
  • Invite up to 5 guests for limited sharing
  • Share passwords, credit cards, secure notes, and more
  • Manage what family members can see and do
  • Recover accounts for locked out family members

There are also teams and business solutions.

LastPass

FREE and PAID.

LastPass is cloud password manager and stores encrypted passwords online. The default version comes with an website service. Plans also support plugins for various web browsers and apps for many smartphones.

In a 2017 Consumer Reports article has claimed that LastPass is a popular password manager. They’ve been awarded the Best Product in Identity Management award during the 7th (2019) annual Cyber Defense Magazine InfoSec Awards.

Currently LastPass extensions and support is available for Firefox, Google Chrome, Internet Explorer 11, Safari, Opera, Android 5.0 and later, iOS 11 and later, Windows 7 and few others.

There are few plans for LastPass:

The free version includes all of the below.

  • A vault for every user
  • Access on all devices
  • One-to-one sharing
  • Save & fill passwords
  • Password generator
  • Secure notesSecurity
  • challengeMulti-factor
  • Authentication
  • LastPass Authenticator

The premium version (GBP 2.30/MO) includes all of the free version features and the below as well

  • One-to-many sharing
  • Emergency access
  • Advanced multi-factor options
  • Priority tech support
  • 1GB encrypted file storage

There’s also the Families version which allows up to 6 users and is charged at GBP 3.07 p/m and includes additional features such as family manager dashboard and unlimited shared folders.

Just like other password managers above, LastPass also offers business solutions.

Bitwarden

FREE and PAID.

Bitwarden originally developed mobile applications for iOS and Android and browser extensions for Chrome and Opera. Bitward later developed and released an extenstion for Apple’s Safari browser through the Safari Extensions Gallery.

The password manager offers a range of services including client applications for web interface and desktop. It also offers browser extensions, mobile apps, and a command line interface for advanced users.

Like most other password managers, Bitwarden offers Two-factor authentication via email and apps like Duo. Bitwarden further allows business users the ability to deploy the Bitwarden solution on-premises on a server.

The free version includes the below features:

  • Access & install all Bitwarden apps
  • Sync all of your devices, no limits!
  • Store unlimited items in your vault
  • Logins, secure notes, credit cards, & identities
  • Two-step authentication (2FA)
  • Secure password generator
  • Self-host on your own server (optional)

Bitwarden don’t have intermediate family versions as their free version includes significant number features. Their next tier is for businesses and is charged USD 10 P/Y. The below features are included in their business version:

Everything from a free account, plus:

  • 1GB encrypted file storage
  • Two-step login with YubiKey, FIDO U2F, & Duo
  • Password hygiene & vault health reports
  • TOTP authenticator key storage & code gen.
  • Priority customer support

KeePass Password Safe

FREE.

KeePass Password Safe is another open-source password manager developed originally for Windows. KeePass helps you to securely store usernames, passwords, and other important information including notes and file attachments in an encrypted password file. Uniquely, this file can be protected a mixture of a master password, a key file, and Windows active directory credentials.

a number of plugins have developed for KeePass which includes a password generator and synchronisation functions. On KeePass you also set-up multi-factor authentication.

In comparison to cloud-first password managers, the KeePass database is stored on a local file system by default. You can also download a secure Desktop client to access the password files. Additionally, KeePass can bring your passwords from over 30 other commonly used password managers.

KeePass only has a free version and includes the below features:

  •  Multiple User Keys
  •  Export To TXT, HTML, XML and CSV Files
  •  Import From Many File Formats
  •  Easy Database Transfer
  •  Support of Password Groups
  •  Searching and Sorting
  •  Multi-Language Support
  •  Strong Random Password Generator

How to set up a password manager?

Setting up a password manager is pretty straight forward. In the above list, all of the passwords have the typical set-up apart from KeePass.

  • FIRST. You download and install the desktop software (if there’s one) and browser extension which can be downloaded from the Chrome Store.
  • SECOND. Set-up your account using email address and MASTER password – this, remember, needs to be difficult to crack.
  • THIRD. Add your various passwords now or add them as you go along. Alternatively import them from elsewhere if you already have them in a file.

How to select a good password?

Although Password Managers allow you to generate random passwords. Sometimes you might still want to choose your own. There is no harm in that as long as you choose a very good password which will be hard to crack.

You want to use a mix of numbers, letters – both capital and lowercase – and special characters.

What are the most common passwords not to use?

Despite high profile news and online articles. The below are still the most common passwords. Using them will almost guarantee you to get hacked.

1123456
2123456789
3qwerty
4password
51111111
612345678
7abc123
81234567
9password1
1012345
111234567890
12123123
13000000
14Iloveyou
151234
161q2w3e4r5t
17Qwertyuiop
18123
19Monkey
20Dragon

Password Manager Problems

If your master password to a password vault is compromised, you can potentially be in a difficult situation. However, many password managers are able to provide two-factor authentications which are designed in a way that even if your master password was compromised, cloud password services and your password vault would not be accessible. Cloud password vaults are amongst the highest-value targets for cyber criminals, so securing these vaults is of utmost importance.

Compromised Passwords

Password managers such Dashlane and 1Password have features to let you know your password has been compromised. They also let you know you’ve the same password multiple times across multiple websites.

If you follow the one password-per-website, this will be especially useful because if one of your password has been compromised, then it just one account rather lots different accounts had you used same password across multiple sites.

Password managers for mobile devices

Most of the above password managers that we’ve discussed today also offer companion apps for your phone and tablets. However, to use the fully fledged syncing abilities across your many devices you will most likely need the premium versions of the password managers.

What’s wrong with browser password managers?

Browser password managers are good for simple password management. This is better than using 12345 for all of your passwords. Simply put, web browsers can store all your passwords synchronise them across your devices if you have a browser account.

If you want more advanced capabilities such as password sharing, dark web monitoring, VPN, password management for groups etc., built-in password managers won’t do the job as they aren’t quite as powerful yet.