The Best Password Protection
Password managers keep you safe, and they’re also convenient. With a password manager, you don’t have to remember a complex and unique password for each account. The password manager helps you generate new, random ones, stores them for you, and can even help you pass on your passwords to your loved ones after you die.
When you sign up for a password manager, one of the first things to do is create a master password for your account. Your master password is used to encrypt the contents of your password vault, so you should make it difficult for anyone else to guess it. However, it can’t be so random you can’t remember it. Your master password is likely unrecoverable if you do. Read our tips on creating secure, complicated passwords for guidance.
Some password managers eliminate the need for a master password by offering a passwordless entry to your desktop or mobile vault. With passwordless technology, you can log in using a QR code with a third-party authenticator app, biometrics, a magic link, or a one-time password.
As an additional precaution, you should set up multi-factor authentication to secure your password manager account, be it via biometrics, SMS, or time-based one-time passwords (TOTP) stored in an authenticator app. The best password managers support authentication via U2F or OTP-based hardware security keys, most of which are about the size of an actual key and made to go on your key ring.
Before you commit to any password manager, you need to ensure it works on each device you use and doesn’t prevent you from syncing your passwords across all your devices. Although support for Windows and macOS platforms is given, several password managers now offer native Linux apps, too. The best password managers have browser extensions for every popular browser that can operate independently of a desktop app.
How Does a Password Manager Work?
Most people use a password manager primarily to manage website credentials. In practice, when you log in to a secure site, the password manager offers to save your credentials. When you return to that site, it offers to fill in those credentials. If you’ve saved multiple logins for the same site, the password manager lists all those options. Most password managers also offer a browser toolbar menu of saved logins, so you can go straight to a saved site and log in automatically.
Some products detect when you change your password to an account and offer to update the existing password on file to the new one. Some record your credentials when you create a new account for a secure website.
Entering your passwords into a password manager is a good first step. Next, you must identify weak and duplicate passwords and replace them with tough ones. Password managers can flag these bad passwords and help you improve them. Some password managers even check whether you have set up multi-factor authentication for those services in your vault that support it and whether your personal information appears in any data breaches.
When you create a new secure account or update a weak password, don’t strain your brain trying to develop a different password that is strong and unique. Let your password manager take care of it. Ensure your generated passwords are at least 20 characters long and include all the major character types: uppercase, lowercase, numbers, and symbols.
What Are Important Password Manager Features?
Most password managers can fill in personal data on web forms, such as first and last name, email address, phone number, bank cards, passport numbers, etc. Many password managers also can capture and fill in credentials for desktop applications.
Most password managers include a built-in mechanism for securely sharing passwords with other users, but some go further with advanced permissions. For instance, a few password managers allow you to share a login without making the password visible, revoke sharing, or make the recipient an owner of the item.
On a grimmer note, what happens to your secure accounts after you die? Many products include some provision for a digital legacy, a method to transfer your logins to a trusted individual in the event of your death or incapacity.
Some password management companies also offer versions of their products for businesses and teams. These products usually emphasize multi-factor authentication and offer single sign-on and advanced credential-sharing capabilities between team members. The best password managers let administrators see which employees use weak, reused, or compromised passwords for their work accounts.
Password Security Options
Logging in with your secure username and password to a website that doesn’t use a secure HTTPS connection is a big no-no. Some password managers warn you about insecure login pages.
Running your secure connections through a Virtual private network, or VPN, adds a layer of protection. Dashlane includes a simple built-in vpn. RememBear and NordPass come from the same companies behind Editors’ Choice VPNs, TunnelBear VPN and NordVPN, respectively.
Secure storage is an increasingly common feature among password managers, too. The storage allocation won’t replace the need for dedicated cloud storage and syncing service, but in many cases, it’s enough for storing important documents in an encrypted state.
Although a password manager needs to offer advanced features, it should remain easy to use and avoid needless complexity. Users who get annoyed or baffled by a password manager may abandon it and go back to using sticky notes to store and share passwords or, worse, apply the same password everywhere. Note: If you get fed up with your current tool, we have a guide for switching to a new password manager.
What Is the Best Password Manager for 2024?
Products on this list that do not earn an Editors’ Choice award have their merits, but there are two that stand above the rest so far this year. Our 2023 Editors’ Choice winners for the category are Bitwarden and Dashlane. Slick and polished Dashlane boasts a ton of features. Bitwarden offers a remarkable top-notch open-source, totally free password management tier. Click here to learn what criteria we are looking for when we test password managers.
All the best password managers mentioned in this article cost money, though you can use some of them for free if you accept certain limitations. We’ve rounded up the best free password managers in a separate article.