There’s a reason “123456” remains the most popular password. We tend to use passwords we can easily recall. And that means they’re easy to hack.
A good password manager is the best way to relieve the burden of memorizing complex logins and keep your data secure. These tools encrypt your login info in a virtual vault—either locally or in the cloud—and lock it with a single master password.
Considering that the security of sensitive data is at stake, you shouldn’t take choosing a password manager lightly. This guide will tell you what features to look for in a password manager and compare four of the best.
What to look for
Password managers come with myriad features, but at a minimum they should have the following capabilities:
- Password generation: The strongest passwords are long, random strings of characters. And you should use a unique one for each site you access. That makes password generation—the ability to create complex passwords out of letters, numbers, and special characters—an essential feature of any good password manager. If it can analyze your existing passwords for weaknesses and upgrade them, even better.
- Auto-fill and auto-login: Ideally, your master password is the only one you should have to enter when using your password manager. The best ones will auto-fill your login credentials when you visit a site. Some will even log you in automatically when you launch your account.
- Secure sharing: There will inevitably be times when you need to share a password with a coworker or family member. Unlike text messages or email, a password manager should let you share without compromising your security.
- Two-factor authentication: To an enterprising cyber criminal, your password manager’s master password is no different than any other password, meaning it’s obtainable. To safeguard against unauthorized access to your password vault, look for a manager that supports multi-factor authentication—for instance, the addition of a randomly generated code that’s texted to you when you log in.
- Crossplatform: We all work on multiple devices and operating systems. So should your password manager.
One of the first full-featured password managers, LastPass remains the gold standard. This combination vault, form-filler, and password generator creates strong multicharacter passwords; supports auto-login; offers one-click password changing; and even lets you audit all your stored passwords for weaknesses.
Once you’ve installed the LastPass plugin in your browser, it prompts you to save your credentials each time you log in to a site for the first time. When you return to a site, a small icon appears in its login fields showing how many accounts you have stored. Click it to see them and select the appropriate one to log in securely.
One of LastPass’s best features is auto password change. Rather than manually logging in to an account and changing the password, LastPass will do it with the click of a button for popular sites like Facebook and Amazon. LastPass also recently added an Emergency Access feature that lets you designate trusted people to access your vault when you can’t.
Last pass is free to download and use on all desktop platforms. For access to the more advanced features and the mobile apps, you’ll need to upgrade to LastPass Premium for $12 a year.
Dashlane is proving itself a worthy contender for LastPass’ crown. Much of this has to do with its desktop app, which features an intuitive and elegant interface that displays your accounts in a list or as tiles. Dashlane also has plugins for the four big browsers for on-the-fly access.
One of Dashlane’s most attractive features is its security dashboard. This gives you an overall percentage rating of your security strength, and offers suggestions for quickly improving it (replace your weak Google password with a stronger one for a 3-percent bump, for example). Clicking Detailed Password Analysis gives you a closer look at each of your passwords, which you can sort by website, password, strength, or safety level. Clicking an info button reveals the reasons behind its rating so you can take action to improve it.
Dashlane also supports auto-login, form auto-fill, two-factor authentication, secure sharing with emergency contacts, and automatic password changing for numerous popular sites. It also gives you the option of saving your password database on its servers—which enables you to sync it across devices—or locally in an encrypted vault.
Dashlane is free to use on any device, but to sync your password you’ll need Dashlane Premium for $40 per year.
1Password combines the best of Last Pass’ management features with Dashlane’s good looks. As with Dashlane, you must download the desktop app but you can integrate 1Password into your browser with the appropriate extension. The desktop app also installs 1Password Mini, which gives you quick access to all the app’s features from your system tray (Windows) or menu bar (Mac OS).
You’ll find all the necessary tools here, including auto-save and -fill, password audits, two-factor authentication, and a strong-password generator. For passwords you want to remember yourself, 1Password can also create passwords out of randomly generated words.
A particularly nice feature is 1Password’s Watchtower service, which monitors the sites and services for which you have accounts and alerts you to any breaches. 1Password also includes a digital wallet for securely storing credit cards, bank account info, social security numbers, and other sensitive data.
1Password is free to download and use for 30 days and you can purchase a single license for $65. If you want to secure your whole household, choose a 1Password Families subscription for $5 a month.
True Key by Intel Security
The big drawback of any password manager is that you still have to remember your master password. If you forget it, you lose access to all the others. True Key eliminates this burden by allowing you to log in to the app using something unique to you. Depending on your device, that could be your fingerprint, your face, or a second device. You can even combine authentication methods for stronger security.
Once you’ve signed in to True Key, it operates much like other password managers. You access all your logins from a customizable launch pad. Websites can be displayed in a list or as icons. Clicking on an item will take you to that site’s login page and fill in your credentials. If you’re creating a new account, True Key’s password generator will help you create the strongest possible password.
Like 1Password, True Key also includes a digital wallet. Here you can store addresses, credit cards, driver’s licenses, memberships, passports, and social security numbers. A Safe Note vaults securely stores any text data you enter.
True Key is free to download and use for up to 15 new logins (though you can import unlimited logins from another manager such as LastPass). For $20 a year, you can upgrade to the premium version.