If you are thinking about security, a password manager is essential. Data breaches are now common, and password hacking is made easier with the vast amount of stolen data. The same goes for simple types like 'password12345', as well as variations of single passwords or strategies that use numbers instead of letters. Even if you use your own random passwords, storing them in a document or spreadsheet is vulnerable to hacking.
Paid password managers offer some nice extra features, but even free programs avoid the more serious risk of using passwords that are vulnerable to hacking or using the same password in multiple places. Also, you only need to remember one password to access where all other passwords are stored securely in one place.
Free password managers are also available in a variety of preferences and styles, so you will be able to find products that suit your lifestyle. You can upgrade to a paid service at any time as your needs increase.
Best free password manager for regular users: Bitwarden
- Website: https://bitwarden.com/
- Supported devices: Windows, macOS, Android, iOS, browser extension, web, command line
- It is open source
- Two-factor authentication (2FA) support
Like many other services, Bitwarden offers both paid and free plans, but the free version alone provides a plethora of features for most individuals. There is a limit on the number of devices that can use the service, and there are various types of devices. In addition, basic TOTP two-factor authentication can be activated, and the number of passwords that can be stored is unlimited. This free personal plan allows privacy-conscious users to self-host instead of corporate cloud hosting.
Competitive products have far fewer features in the free version. In particular, it rarely allows unlimited movement between different device types. Dashlane starts charging immediately for more than a single device. Unlike Bitwarden, most competing products are not open source, so the community cannot find hidden backdoors or security holes.
One of the features the free plan doesn't offer is password sharing. But you can circumvent it by signing up for a free corporate plan instead. Basically, passwords can be shared between two users without restrictions, allowing two individuals to securely access the passwords of the shared account. However, the downside is that free corporate plans do not allow self-hosting.
Another advantage of Bitwarden is that it doesn't cost much to switch to a paid plan if the user needs to expand its functionality. The premium personal plan costs $10 per year ($36 or more per year for competitive products), and $40 per year for up to six users ($48 per year for competitive products). Switching to a paid plan has specific benefits, such as a more sophisticated form of two-factor authentication, password health assessment (e.g. strength, exposure, etc.), encrypted file storage, and emergency access from trusted individuals.
Finally, if one day switches to another product, Bitwarden supports the ability to transfer passwords to encrypted files. But with this generous and complete feature set, you won't want to move to another product.
Best Free Password Manager for DIY Preferred Users: KeePass
- Website: https://keepass.info/
- Supported devices: Windows (official), macOS (unofficial method), Android/iOS (unofficial method)
- It is open source
- Two-factor authentication (2FA) support
Keypass may not seem like much, but this desktop app-based password manager has all the features you need, especially if you care about privacy and security.
Since programs and encrypted database files are stored locally on the computer by default, the user has full control over who can access it. On the other hand, cloud services require the server to be set up correctly and trust in employees. In addition, KeyPath can be run through a portable .exe app stored on USB without having to install it on a computer.
Keypass is also an open-source program that allows the community to always check for hidden backdoors or common and familiar security breach bugs. You can also use a key file to enable two-factor authentication to strengthen the master password and grant access only to the Windows account that created the database file.
Keypass doesn't only support Windows desktop systems. Since the program is open source, you can find community-created keypath ports for macOS, Android, and iOS, as well as numerous plugins that can be customized to suit your needs. Plug-ins allow you to reproduce most of the features offered by paid cloud-based services. It is also possible to check whether a password was found in part of the data dump.
You can also be creative with how to store database files. You can store it on your home server for remote access or to a cloud service of your choice (for example, you might be more familiar with Google's account protection method than a dedicated, password manager service). And if you choose to use a DIY password manager, you can easily transfer your passwords from Keypass.
The easiest password manager: Google, Apple, Firefox
- Website: Google Password Manager, iCloud Keychain, Firefox Password Manager
- Supported Devices: Various
- Not open source
- Two-factor authentication (2FA)
Password managers in mobile operating systems and major browsers have evolved greatly. Just a few years ago, I couldn't recommend using it at all, but it's now a viable option with enhanced security and functionality (although basic).
It provides basic functionality, but it's not bad. When it comes to password managers, the user has chosen the best service. For some users, using a dedicated password manager can be daunting to manage. In this case, using Google, Apple, or Firefox can upgrade your password security with little extra effort. The built-in password management tool can perform the cumbersome task of creating and remembering unique random passwords on the web, and you don't have to switch to another app to do this.
Of course, you will lock yourself in the ecosystem by using the built-in password, but if you have already lived in the water for a lifetime, that fact will not be bothersome. Google will appeal to most people because Chrome is universally used. But if you're concerned about data privacy, you can choose Firefox's promise not to sell your data instead. Apple promises this too, but it is the most difficult to move to another service because it is not easy to transfer passwords. Choose Google or Firefox if you want the most widespread use across a wide range of devices, or Apple if you own both macOS and iOS devices.
One major downside of storing passwords using Google, Apple, or Firefox accounts is that they are not as tightly protected as third-party services. Even if you protect your account with two-factor authentication (and a must-do if you store passwords on these services), Google, Apple, and Firefox tend to be more negligent about accessing passwords from signed-in devices. Unlike most dedicated password managers, there are many cases where re-authentication is not requested to use stored passwords. This can be a security risk on shared devices.
Free vs. Paid Password Manager
If you can use a free password manager, is there any reason to use the paid version? Paid services offer premium features that give you more control over your passwords and how they are secured. For example, often password sharing (which is useful if everyone in the family needs to know your Netflix password), support for YubiKey and other 'advanced' forms of 2FA authenticators, and letting you know if a password has appeared in a data dump. Alerts are accessible. Some paid services also have signature features that differentiate them from competing products. For example, 1Password has a 'travel safe' function that hides some passwords when traveling. This is an additional security measure if your device cannot be accessed due to a very thorough airport inspection or due to theft or lost baggage.
0 Comments