This means you should use a different password for each one, but the human brain isn’t designed to remember dozens of them, nor which password goes with which account. It would be much better if websites and apps could come up with a better solution than passwords to verify that you’re really you, but until that happens, we’re stuck with them. Some websites let you use additional security measures, such as requiring you to enter a one-time passcode that’s sent via email or text message. But even though that makes it a bit safer to re-use the same password, it’s a far better idea to use a password manager. A password manager will store all your logins, including different passwords for each account. It’s similar to the way that the contacts app on your phone which stores all the different phone numbers, addresses and other details so you don’t have to remember them. Except that a password manager ensures that only you can access those passwords. The way they work is by keeping all your logins behind a ‘master’ password, which is the only password you have to remember. Until you enter that password, all the logins are encrypted, which is why only you have access to your logins. To make the process easier, most password managers can use your phone or PC’s fingerprint or face scanner instead of that master password. You shouldn’t forget it though, as you’ll lose access to your logins if you ever do have to type it in. And if you want to use the same password manager to remember website logins in a desktop web browser, you’ll almost certainly need to enter that master password each time you reboot your computer. And if you’re wondering what is the point of using a password manager instead of simply allowing your web browser to store logins for you, it’s that they work on all popular devices and web browsers, so you can get at your logins on all your devices, not just in Chrome, say. And because they all have an autofill feature, those usernames and passwords can be automatically entered into websites and apps, ensuring they don’t have to be looked up and copied and pasted, so they’re really convenient. The best can automatically update stored passwords when you change them and some can even automatically change your weak passwords with a complex, strong password on some websites.
LastPass hack – November 2022
Recently you might have heard about a LastPass security breach. There were two in fact, one in August and a second – using data stolen in the first – in November. The company has been relatively transparent about these hacks and has confirmed that no user passwords were compromised. Obviously, it isn’t a good look for a company tasked with keeping your logins secure to be compromised at all, so we’d understand if you want to steer clear. However, since the passwords themselves are encrypted with a master password that only the user knows (and is not stored in the cloud so isn’t vulnerable to hacking), we continue to recommend it. Any cloud-based password manager like LastPass is at risk of being hacked in a similar way, but so long as your logins are safe, hackers should never be able to access them.”
Best Password Managers
The good news is that many of the options here offer a free tier or trial, so you can give them a test drive and see if you’re happy with the way they work on your devices. If you’ve never used this kind of app before, you might like to read our tutorial which explains how to use a password manager.
Free to use Good browser and device support
Not as slick as the best
There’s more good news: if you’re an individual, Bitwarden is free to use. It’s true that some advanced features are kept back for the Premium tier, but all the core features are available for free including unlimited logins, syncing across devices and even a self-host option. Of course, Bitwarden can store other sensitive information such as card details, secure notes and IDs. A feature called Send (which is only for Premium users) makes it possible to securely share information, such as logins, bank details or tax documents with others. Free users don’t get the ability to arrange passwords in collections, but they do get the latest feature: a username generator to go with the existing secure password generator If you want the premium features, the $10 per year (around £7.50) cost of Premium is remarkably affordable. There’s also a Family account for $40 per year (around £30). Bitwarden can import from quite a few other password managers, so you won’t have to labouriously enter logins or build them up slowly as you visit the various websites you use and apps that require logins. Bitwarden apps are available for Windows, macOS, Linux, Android, iOS and there are browser extensions for Chrome, Firefox, Edge, Opera, Safari as well as Chrome-based browsers including Microsoft Edge.
All the features you want
Severely limited free version
It also has a digital wallet feature that can securely store your different payment methods, offering quick checkout and decent form filling when it comes to a spot of online shopping. There is a free version but it’s all but useless: it will only store a measly 50 passwords and won’t sync them across multiple devices. That’s the main reason we can’t recommend it over Bitwarden: your only real choice is to pay, and at $39.99 per user per year (around £30) it isn’t the cheapest either. Fortunately, there is now a Family subscription which is $59.99 per year and supports up to five users. Dashlane apps are available for Windows, macOS, Android and iOS, plus browser extensions. A VPN (which is essentially a cut-down version of HotSpot Shield) is included for extra security but it’s not a replacement for the best VPN services and while it’s useful for passwords, we’d prefer a cheaper price without the VPN. Get Dashlane here.
Well designed Free tier
Free tier limited to mobile or desktop use More expensive than it used to be
This move is – obviously – designed to prompt people into paying $36 / £27 per year. If you’re a long-time user you won’t love this, but new users might well feel it’s a price worth paying to get benefits such as 1GB of encrypted cloud storage and dark web monitoring. And the free tier is still impressive if you can live with using it only on mobile or desktop devices. Unlike some others – Dashlane, we’re looking at you – there’s no limit to the number of passwords you can store. LastPass will also store your card details and other sensitive data and then automatically fill out forms on websites: safer than allowing websites to store your information. There are LastPass apps for iOS and Android, and browser extensions for Chrome, Firefox and Opera (plus other Chrome-based browsers such as Microsoft Edge). This means your logins are easily accessible on all popular devices. LastPass will fill app login details automatically, and on your phone you won’t have to type the master password as you can just tell it to use your fingerprint or face to authenticate. You should enable two-factor authentication which protects your vault of passwords even if someone finds out the master password. The interface is easy to use and there are good search tools, a shared password facility and a handy emergency contact section that allows you to grant access to trusted friends or family under certain circumstances (if your laptop is stolen, for example). As well as Premium, there’s also a Family tier that offers six premium accounts for £40.80/$48 per year. As mentioned at the start, we’re aware of the security breaches, but since these haven’t compromised the logins themselves, we aren’t making a knee-jerk reaction and removing LastPass from this roundup. Get LastPass here
Good for businesses 2FA and security key support
No free tier
The software generates strong passwords for you and stores them on your device, while managing auto-fill and logins across platforms and on all your other devices too. It also has a clever file share function that lets consumers and businesses alike confidently cloud store files and access them as and when. You can also use the fingerprint scanner on their phones to log into individually assigned apps or websites, giving them peace of mind. There’s also support for two-factor authorisation solutions, including Yubikey, SMS and more. The big downside is price. There’s no free tier. You can start with a 14-day free trial, but to continue using it you’ll need to pay £29.99/$34.99 per year, or £71.99/$74.99 for the Family package that offers five accounts. Businesses can get a quick quote from Keeper to see how much a year’s subscription would be. Keeper supports Windows, macOS, Linux, Android, iOS and there are plug-ins and extensions for all the major web browsers. Get Keeper here.
Good-value family plans Password health tools
Free version signs you out of other devices
It’s available as an extension for Chrome, Firefox, Edge, and Opera, and there are desktop apps for Windows, Mac and Linux, and mobile apps for Android and iOS. If you use one of the many variants that run on the Chrome engine (such as Vivaldi or Brave) then the Chrome extension will work fine with those. Transferring passwords into the NordPass is simple, as you can export a .CSV file from your existing password manager, then import it into NordPass. This means you’re up and running in seconds rather than hours of typing in passwords for your various accounts. Once set up, NordPass can automatically fill-in login details when you visit sites or open apps. NordPass can also auto-generate complex passwords and evaluate the strength of your current ones, and can also auto-fill online forms. To accompany the password manager, the app allows you to securely store credit card details so you can quickly pay for things online, plus there’s a secure note section where you can keep important information that you don’t want to fall into the wrong hands. NordPass provides the ability to share any entries from these sections (passwords, credit card details and notes) securely with friends via the Shared Items feature, so if your partner has forgotten the Netflix login again, you can get them back to watching Midnight Diner: Tokyo Stories in no time. You can’t do this with the free version though, and though it supports unlimited logins and devices, you can only log in on one device at a time: logging in on a phone will, for example, log you out of the browser extension on your laptop. The Premium version gives you the full set of features and pricing works like the company’s VPN service, so it’s cheaper if you subscribe for longer. At the time of writing, the two-year plan cost $1.49/£1.55 per month, and $1.99/£2.02 per month for the one-year plan. Get NordPass
Handy Travel Mode Password leak alerts
Not the cheapest No free tier
Like other password managers it stores your passwords in a secure vault that can only be unlocked by your master code (hence the name 1Password). AES-256 encryption and two-factor authentication keeps things locked up tight, and browser extensions make filling in forms or login details online quick and easy. You can store credit & debit card, PayPay and bank details for automatic filling when you need to pay. One special feature 1Password offers is the ability to remove all sensitive data from your device and store it on the company server. It’s called Travel Mode and is intended to be used when you visit countries that might demand access to your PC, smartphone, or tablet. When you return home, you just turn off the Travel Mode and your data will be automatically restored. 1Password offers a 30-day free trial, then afterwards you can either sign up to the premium tier for £2.40/$2.99 per month (billed annually), or the family account that offers 5 users for £49/$60 per year. Get 1Password here
Reasonably priced Great at form filling
Not the slickest of apps Limited 2FA support
Alongside the standard password features there’s also the option to securely store your credit card details for easy online shopping, you have a section for secure notes (these could be license keys or something similar), plus automatic filling out of online forms with your address and other details. It works on PC, Mac, phone, tablet and even via USB drives. There’s a free version, but the problem is that it doesn’t sync across devices. If you want that feature – and most people will – the cost for Roboform Everywhere is a very reasonable £13.25/$16.68 for a year thanks to a special offer that gives you at least 30% off. There’s also a family package also offers the same service but for up to five users, and is a similar price to other services’ family packages at £26.55/$33.40 per year. Get RoboForm here.
Secure password sharing Emergency access feature
Free version doesn't sync across devices
Apps are available for Android, iOS, Windows, macOS, and there’s plenty of browser support. The free version is very good, but the £19.99/$29.99 premium version gets you that Emergency Access feature along with cloud backup, local Wi-Fi syncing across devices and priority access to customer services. There’s also the option to pay a one-off fee for lifetime Premium status, which costs £119.99/$149.99/€149.99 depending on your region. Oh, and the developers of Sticky Password are rather keen on manatees and make a donation from each Premium account fee to wildlife conservation trusts that work to save the endangered animals . So, you’re securing not only your passwords but Manatees, too. Get Sticky Password here.
Related articles for further reading
All security news Best antivirus software for Windows (plus free options) Best antivirus software for Android Best antivirus deals Best VPN services (plus free options) Best VPN deals
Jim has been testing and reviewing products for over 20 years. His main beats include VPN services and antivirus. He also covers smart home tech, mesh Wi-Fi and electric bikes.