A password manager is like a notebook with your passwords, but with a master key that only you have. Some password managers store this notebook in the cloud, some on a device you own, but in any case it should be encrypted and accessible only by you with a very complex and carefully guarded password. Click here to see our webinar that covers the info below as well as a demo of LastPass.
Why do you need a password manager?
We all have so many online accounts, ranging from critical banking and investment information to health data to shopping and credit cards. All of these accounts should have different passwords because if one is compromised, you don’t want the others to be vulnerable. The passwords should also be complex and random so that your accounts are hard to break into. We’re left with managing many different complex passwords, and most of us need help to do that! Check out our blog on passwords guidelines if you need a refresher.
Can’t my browser (Chrome, Safari, etc.) manage my passwords?
This can work, but not as well as using a password manager. If you use a browser-based password manager, you can’t mix and match browsers. If you use Google on your PC and Safari on your phone, that’s two browsers whose password managers don’t talk to each other. Also, some browsers will generate random passwords for you, but the capability is generally not as robust. In general, using your browser’s password manager is better than nothing and certainly convenient, but not as good as a third-party password manager.
Considerations When Picking a Password Manager
Will it work across all of your devices?
Think about the devices you own now and what you may have in the future. Do you want to use a family or shared version, and if so what devices do the other users have?
Where does the password manager store your passwords?
The two options are locally on one of your devices or in the cloud.
What is the recovery process if you lose the master password?
What happens if you lose it? Is there mobile account recovery using biometrics? Do they offer password hints? Password Managers generally cannot access your master password, so if you have not set up a recovery process you most often have to start over – a long and tedious process.
Do they offer two-factor authentication?
You should have two-factor authentication, and usually, the password manager will let you “trust” certain devices so you that two-factor is not required every time you use the device. This sets up a second hurdle for someone to access your account – they can have your password but if they don’t have the second factor (biometrics or code, etc.) they can’t get it.
Is there a free version? Are there must-have features that are only available in the paid version?
Check out the plans – they vary widely. Paid plans are not very expensive – usually an annual fee of $30-$50.
Is the company strong financially?
You really don’t want to store all of your login information with a company that won’t last. Make sure the company is legitimate, strong, and preferably located in the U.S (or at least in a country with strong privacy laws).
Popular Password Managers
Below are popular password managers – most offer several versions. We sourced this information from a variety of online sites. Since it changes all the time, please do your own research but use this as a starting guide!
Zoho Vault Pros:
- Accessible from any browser, any platform
- Actionable password strength report
- Permits sharing and transferring of logins between users
- Free edition available
Zoho Vault Cons:
- Browser extensions only for Chrome, Firefox, and Safari
- Doesn’t handle Gmail or other two-page logins
- Lacks Web form filling ability
- Doesn’t import passwords from browsers
- Syncs across all your Windows, macOS, Android, and iOS devices
- Offers all essential and advanced password management features
- Includes VPN protection
- Scans Dark Web for compromised accounts
- Captures online shopping receipts.
- Expensive, especially if you already have a VPN
- Can’t choose VPN server country
- No special handling for nonstandard logins
- Limited support for Internet Explorer
- Enhanced multi-factor authentication choices
- Includes 1GB of secure online file storage
- Manages application passwords
- No ads
- Doesn’t add substantially to what you can get for free
- No longer offers shared folders
- Supports all popular platforms and browsers.
- Two-factor authentication.
- Secure password sharing and inheritance.
- Optional secure file storage and messaging.
- Retains a full history of passwords and files
- Webform filling somewhat limited
- No fully automated password updates
- Apps for Windows, macOS, Android, and iOS
- Secure yet simple authentication when adding new devices
- Two-factor authentication
- Not compatible with Internet Explorer
- Limited import options
- Supports all popular platforms and browsers.
- Two-factor authentication using Yubikey or FIDO.
- Generates TOTP codes for 2FA-supporting sites.
- Analyzes passwords and security.
- Edge extension not working correctly
- Support for iOS somewhat limited
- Full-scale secure sharing costs extra
How to get started
Consider using the free version of the password manager you have selected just for a few “low value” passwords to see how you like it. Then go all in!