Security experts advise that everyone should compose complicated, secure passwords that are difficult to guess. It is also advisable to create a different password for every protected software package and website. Those passwords should not be written down anywhere that they can be discovered by a thief.
Who is going to be able to remember a long list of complicated, unique passwords? No one. That’s why everyone needs a secure password manager to store passwords as part of identity theft protection. Companies that hold the personal data of others and need to protect corporate secrets are particularly in need of password managers.
What is a password manager?
A password manager is a secure listing of all passwords used by an individual to replace the need to hold passwords in memory. The user enters all usernames and passwords needed for all of the software and websites that he uses. The password manager stores these credentials in an encrypted file. The user can get access to the password manager by entering a username and a strong password.
How do password managers work?
The password for the password manager should be strong, and therefore, hard to remember. Only having one password to remember makes life easier. With the password manager active, the user will get all credentials fields filled in automatically for all of those systems that were logged in the password manager. When the password manager detects a new application for which it doesn’t have the credentials stored, it will prompt the user with the option of storing these new credentials. Another useful feature is a password generator, which creates complicated, strong passwords including a long series of random characters.
Businesses can control password managers for many users centrally. They can use a control dashboard to enforce policies, such as password rotation and the use of a password generator.
How secure are password managers really?
The best password managers are very secure. However, there is one weakness in the system, which is the secrecy of that master password that unlocks access to the password manager and its vault. If that password gets disclosed, the entire security system is vulnerable. Many password managers resolve this weak spot by imposing multi-factor authentication. The second check in this process can be a push notification to a mobile device or a biometric test, such as a fingerprint scan, or voice recognition.
Which are the best password managers?
To help you choose a new password manager either for home use or for business, we have created a list of the five best password managers available today.
LastPass is available in both personal and business versions. The service is also offered as a free version for individual users. The personal versions of the tool include a password vault with one master password and syncing to multiple devices. The software is only valid for one user, but as it is free, each family member can open an individual account. The system includes the option to create a one-time password to share a resource.
The Premium plan allows password sharing with an unlimited number of people. This allows an account holder to create photo albums and allow friends and family access without making those photos public to the world. The Premium version includes 1 GB of secure file storage space on the Cloud, which makes file sharing easier. The Family plan is a discount on six Premium plans. It includes a management console for one member of the family to organize the access rights of all of the other linked accounts.
The business plans of LastPass are all priced for a minimum of five users and are charged per user. There is a standalone package that implements multi-factor authentication (MFA) without all of the other password management features of LastPass.
The user gets access to a cloud-based password vault, with an email address as the username and a strong password. The system then generates random passwords for all applications and sites that the user accesses and stores these in the vault. The vault is protected by 256-bit AES encryption with PBKDF2 SHA-256 and salted hashes.
The Premium and Family editions offer multi-factor authentication through the YubiKey and Sesame systems and also via a fingerprint scanner – the fingerprint scanning hardware isn’t included in the package. Multi-factor authentication isn’t included in the Free personal plan. The two lower business plans include two-factor authentication but the high plans can add more layers. Authentication channels in the business plans include push notifications to a mobile device, SMS, and biometric scans.
The facility will autofill all password fields so users do not need to ensure those passwords are memorable.
Dashlane has a free version but it has limited functionality. It only covers one device and is limited to storing 50 passwords. The two paid versions of Dashlane are an edition for personal use and one for businesses. They both sync password usage across devices. All versions will autofill credentials and credit card information in registered software and websites.
All versions include two-factor authentication and password sharing features. The Premium plan includes a VPN service for protection during wi-fi access and dark web monitoring, which searches for credentials theft. The Business plan includes separate storage for personal and business passwords, called Smart Spaces. This plan doesn’t include a VPN service, but subscribers for more than 50 users get access to a Customer Success Manager.
The password vault is accessed by a master password, which is forced to be complex. All of the passwords stored in the encrypted vault can be generated automatically, making them too complex to remember. The vault will also store payment card information. The tool will autofill credentials on all sites that have been registered in the vault and also bank card details wherever they are demanded.
The software and its related password vault are protected by 256-bit AES encryption. The system has a patented secure architecture and includes built-in two-factor authentication, which can work with well-known mobile authenticators.
There isn’t a free version of 1Password, however, all of its five editions are available for a 30-day free trial. There are two versions for home users and three for businesses. The two home use plans include 1 GB of cloud-based secure file storage space. Team plans also include 1 GB of cloud storage per user, while each user gets 5 GB of storage on the Business plan. Two-factor authentication is included with all plans. Apple Mac users can deploy Touch ID and a Face ID application is available for 2FA on iOS devices.
Another interesting option available with all plans is the Travel Mode, which removes all password vaults on a device that you want to take away with you. When you return to base, the local password vault is restored. A local version of the password vault is available to protect device-resident applications while offline.
The secure password vault is stored on a remote server and can be accessed across all devices. Each account on all plans gets protection for unlimited passwords on unlimited devices.
The Family plan covers five users and extra users can be added for $1 per user per month. This plan includes a central console that manages all user accounts in the group, while each person’s passwords are held in a separate secure password vault.
Each user on the Business plan gets a Family plan subscription for free. It is possible to create shared passwords and guest accounts to convey information, such as alarm security codes. The Enterprise account is a tailor-made package.
All storage, both on the device and on the cloud, including password storage vaults and file storage space is protected. The 1Padsseord system encrypts all stores with 256-bit AES ciphers. The user sets up a master password that is needed to unlock access to the entire security system. Each device used by an account holder gets a secret key, which needs to be present in order to unlock a password vault.
KeePass is a free password manager. In fact, this is a whole category of free password management products. This is because KeePass is an open source project. There are a number of variants adapted from the core code and made into specialist secure password services for different operating systems. There are also a number of web browser plugins that are not part of KeePass but were produced under other names using the KeePass code. The best known of these free versions of KeePass are KeePassXC, Tusk, KeeWeb, and BrowsePass.
Bitwarden is an open source free password manager. There are higher plans for individuals, families, and businesses, which are paid versions. The Free version can be shared between two people. The Premium plan has a password generator and extra two-factor authentication systems, including YubiKey, FIDO U2F, and Duo. The Family plan is available for five users. The two business plans are called Teams and Enterprise. The Premium plan, Family plan, and the Teams version include 1 GB of cloud-based secure file storage.
The Teams plan includes five users with extra user accounts available for $2 per person per month. The Enterprise plan is priced per user per month.
Bitwarden encrypts your passwords before they leave your device. Its secure password protection is implemented with 256-bit AES encryption.
Choose a secure password management tool
There are many good password management systems available, but few people have the time to give all of them a trial. This is why we decided to create recommendations for the five best password managers.
Getting the list down to five was a tough job. We think that RoboForm, Enpass, and Sticky Password all deserve honorable mentions. Try out several of the tools on our list because those that aren’t free to use have a free trial. Whichever of these five you choose, you will have strong password security and with all of the data breaches and identity theft attacks going on, you really need to tighten up your cybersecurity defenses.