5 password managers that protect your personal data too

Call them "password managers," but these digital vaults secure credit card numbers, bank account information, and more.

Credit cards, social security numbers, logins--each of us passes enough personal information through our PCs and mobile devices to complete a dossier. All that data isn't just tough to remember, it's also difficult to keep secure. Writing everything down on a piece of paper or in a text file or PDF is risky, but do you really want to encrypt your hard drive for a few lousy passwords and account numbers?

A better solution is what's commonly called a password manager, though most of these handle a lot more than just passwords. There are two distinct types: local and Web-based. Local programs store your personal data in a file on your hard drive, with some letting you sync with other devices via network protocols. Web-based services store the master copy of your personal data online, and sync it with your PC and/or mobile devices via client software. For the purposes of this roundup, I'm assuming that you have an innate a distrust of online storage and cover only the programs that store data locally.


eWallet, by Illium Software, is easily the most modern-looking program in the roundup. Compatitible with Windows, OS X, Android, and iOS, it sports a two-pane, browsing tree/viewer interface that's styled to match the latest version of whichever OS it's running on. The Windows version is $20; the rest, $10. You can synchronize them all via the network or Web, but there's no online service or portal.

eWallet's viewing pane presents each record as a business card, and adjusts the background image so it stands out against a large stack of cards. You can also insert your own image--say your kid's picture for their social security number. There are scads of templates for everything from prescriptions to bank accounts to serial numbers, but you can edit the templates and create your own. You might want to do this if you use eWallet in a busy environment--by default the templates hide passwords, but leave credit card and bank account numbers exposed.

eWallet provides a password generator, but it's not inline. You must open it and create the password, then enter the result in the password field. One nice touch is you can simply right-click near a field and copy its contents to the clipboard.

Synching between PC and Mac OS X clients can be done via FTP/SFTP, but to synchronize with an iOS device both the PC and iPhone/iPad must be on the same local network, which will be a drawback for some. Otherwise, eWallet is easy on the eye, easy to use, and covers all the bases.


DataVault employs the browsing tree and viewing pane that's standard for this type of software, but where eWallet records mimic business cards, DataVault's look like Rolodex cards. The browsing tree can be switched to a list view. The toolbar may also be hidden for a cleaner look, although for some reason it returns every time you reopen the program.

One nice DataVault convenience are the buttons to the right of each field that let you hide or show its contents (the exception is the notes field). There's also a universal password hide/unhide command so you don't have to futz with the buttons for every record if you don't want to.

DataVault provides a number of templates for cards/records that should cover most user's needs. There's also a versatile password generator that lets you vary their strength and a virtual keyboard for entering them in in dicey situations. It doesn't shift layouts as some do, but unless you're in covert ops, that's probably not a concern.

My only complaint with DataVault is that it opens every time with the browsing tree fully expanded, no matter how you left it when you closed the program. A polite program should pick up where you left off each time.

DataVault allows you to sync via Dropbox which solves any iSync ssues with the iOS version. Nice touch. Minor gripes aside, DataVault gives eWallet a serious run for it's money. It's not quite as slick but is just as effective and in some minor ways, a tad easier to use.

DataVault supports Windows, OSX, Android, iOS, and even Blackberry. It's $10 for any flavor, making the PC version half the price of eWallet.


If you're only interested in storing passwords, KeePass 2.25 is the best program reviewed here. It has a very versatile password generator that produces anything from 40-bit to 256-bit passwords, as well as random MAC addresses and passwords that match the length of your existing one. You can also set an expiration date to remind you it's time to generate a new password, and there's also support for the single-use transaction authentication numbers (TANs) used by banks.

On the other hand, KeePass is not as suitable for other types of data such as bank accounts, prescriptions and credit cards as the competition. There are no templates as such, though you can define extra fields. There's also no card view. You can attach files to a record, but they're not displayed, you must double-click on a link and open them in a separate window.

Like eWallet, KeePass lets you create groups and subgroups in the left-side tree pane, and uniquely, you can also secure your KeePass file with your Windows account login information or a key file so you can use a super-strength main key. There's remote sync capability via FTP/SFTP as well.

KeePass is great for password management and it's also free and open source--never a bad thing. Just don't use it in a non-secure environment as there's no timer-based lockout. Consider a donation if you like it.

TK8 Safe

TK8's Software's TK8 Safe is a no-nonsense secure data manager aimed more at IT-types that the general public, but it's suitable for either. All records are shown in a spreadsheet-like list rather than as cards, and are organized into folders that can be navigated using a browser tree to the left. The list view is easily sortable and filterable, as well as easy to read, and many users might prefer this more utilitarian approach.

There are a number of ways to filter records within folders in TK8 Safe, including Boolean filters for the various fields. Once you're used to it, it's easy, but as with KeePass there's no search field, which in my experience is the quickest to find what you want. Instead, you must open a find dialog. Not a huge deal, but not as convenient when you're in a hurry.

TK8 Safe offers a number of nice templates for credit cards, bank accounts and other types of data. Because all records are filtered and arranged by type in the list view, TK8 Safe can show specific field names at the head of columns rather than the generic field 1, field 2, you get with MiniSafe Desktop.

TK8 Safe also had an "auto-type" feature for filling in the user name and password fields for Web sites as well as a top-notch password generator with scads of options. TK8 Safe is sold in two flavors: the $20 standard version, and a $30 professional version which allows multiple user access, creating passwords from templates and file synchronization.

TK8 Safe is a very competent secure data manager with some unique features, but it's PC-only and pricier than the cross-platform competition.

MiniSafe Desktop

This blast-from-the-past, basic freebie from Simprit is no longer supported, but still works just fine. It's old-school in appearance with lots of tiny icons, but it's versatile, and unlike KeePass, the other freebie in the roundup, suitable for more than just passwords.

MIniSafe Desktop shows you a filterable list of records/cards to the left, and the usual more-palatable card view to the right. You filter cards by type and category, and you may define new kinds of either. For instance you can create a type of card solely for workstation users in a large company, or Internet passwords. You can also decide which fields are masked and unmasked. MiniSafe Desktop provides only five fields, but that's enough for most purposes and there's an additional "note" field that can hold a lot of data.

Unlike most password/information managers, which allow you to define how long a program remains idle before it locks itself, MIniSafe Desktop is hardwired for about three minutes. I used the program for several years in busy environments, and it always seemed about the right interval. Alas, there's no password generator. There's also no FTP sync capability

MiniSafe Desktop isn't much to look at, but if you don't need file syncing, or a password generator, it will certainly do the job. And there's no arguing the price.

Join the CSO newsletter!

Error: Please check your email address.

Tags appssecuritypasswordssoftware

More about Dropbox

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Jon L. Jacobi

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place