Best Password Manager: 12 Tools Reviewed

Whether for email, online shopping, or streaming, most people have lots of password-protected accounts. Since there are so many of these, it's common to reuse passwords. Fair enough: But this doesn't only make it easier for you to remember your password, it also gives hackers a leg up. A password manager neutralizes this threat by assigning each account a unique password, which it safely stores so that you don't have to remember it.

Password managers are no longer an obscure security tool. Once you get used to login forms filling themselves out automatically and every password you use being nearly uncrackable, you'll never want to go back to life online without one.

Password managers are a must for any computer, laptop, or smartphone. Even if you aren't worried about your security, they're extremely convenient and save their users both time and frustration, every single day.

Still not convinced? Here are six advantages of password managers:

Once configured, a password manager quietly goes about its business. The browser extension automatically recognizes and saves new logins to your password vault. As a result, the program rarely requires your attention, so long as it does what it's supposed to. This makes choosing the right password manager all the more crucial.

There are plenty of password managers on the market and nearly all of them operate on the same principle. Since there are some important differences between them, we've taken a closer look at 12 of the most popular options. Below, we'll introduce you to our current Top 5.

Proton Pass is a relatively new password manager from Proton, the Swiss technology company also behind Proton VPN and Proton Drive.

Proton products are known first and foremost for their high security and privacy standards, and Proton Pass is no exception. The password manager scores with end-to-end encryption, open-source components, and regular audits. Your sensitive account data is in pretty good hands here.

But Proton Pass isn't just secure. It also delivers on usability: The web dashboard, browser extension, and smartphone app all have a modern design and are intuitive to use.

Autofill worked fairly well in our testing, though not quite as well as the best password managers on the market. Proton Pass struggled more often with complex logins, like multi-step processes. Customer support could also use some improvement.

A real standout feature is "email aliases." This lets you create a unique, anonymized email address for each service, protecting your real address and cutting down on spam.

Dashlane was our clear winner because its premium version does everything a bit better than all of its competitors. The program is easy to install, its web app is quick and intuitive, and it comes loaded with features. We particularly liked Dashlane's convenient password changer that automatically replaces your weak passwords. As an added bonus, paying subscribers even get a VPN included in the package.

Autofill was reliable during both browser and smartphone testing. On top of that, the browser extension complements the main client beautifully.

There is a free version of Dashlane, however, this is more like a trial. Free users are limited to 50 stored passwords and cannot sync entries across different devices. As something of a trade-off, the service's paid subscriptions are competitively priced.

A Premium Dashlane subscription offers the best overall package and is our top pick.

1Password is a password manager we'd trust with our credentials without hesitation. Developed by AgileBits, it earned excellent marks for security in our review. Its packed feature set includes additional security tools like a locally created 128-bit secret key, which you need to log in from a new device, and a Travel Mode that lets you control which vaults are available on which devices.

Classic features like a clear security center (called Watchtower) that flags unsafe passwords, and a powerful password generator that can even create full passphrases, are included as well. There are also tons of data set templates (1Password even thought of your hunting license!) and the option to customize entries with user-defined fields.

When it came to autofill, 1Password was dependable. Even on websites that have multi-page or pop-up-based login processes, its browser extension almost always supplied the correct information. New account information was also automatically and reliably stored.

With plenty of features, optimum security, and reliable autofill, 1Password is a solid choice. Our only complaint is that there isn't a free version.

Whether in its desktop client, browser extension, or smartphone app, Keeper is a highly intuitive password manager. Data sets are logically assigned to folders which can be arranged by dragging and dropping them.

We particularly liked how much Keeper allows data sets to be customized. Users can add custom fields and even secure individual entries with time-based one-time passwords. On the downside, the service has fewer templates than 1Password.

Users can also configure how the browser extension handles data sets. It's possible, for example, to specify when autofill should and shouldn't engage with a form field. Autofill worked perfectly during our assessment, even for complicated logins.

Like 1Password, there isn't a free version of Keeper. As something of a consolation, you can test the full version for 30 days at absolutely no cost.

If our Top 3 disappointed you mainly because they lack a solid free version, NordPass has you covered. This fairly new password manager from the creators of NordVPN fills the gap that LastPass left behind when it restricted its free tier. NordPass offers a full-featured free version without overly strict limits. You can create unlimited data sets and use them on both desktop and smartphone.

But NordPass gets a lot more right than just its pricing. In addition to its excellent user interface, which we expected from the team behind NordVPN, data imports from other password managers worked smoothly. Autofill was reliable most of the time, and we only had one or two technical difficulties.

Still, NordPass isn't as developed as the other leading programs from our sample. Even though users get the most important features, there's less flexibility than in any of our Top 3.

Entry fields are fixed, for example, and there are only a few customization options. You also shouldn't expect special features like the password changers found in Dashlane or LastPass. Support is also only available in English so far.

All the same, we're confident that many users will happily accept these shortcomings in light of its powerful and generous free version. We certainly do.

Right behind NordPass, Bitwarden is another favorite among free password managers. Bitwarden doesn't annoy free users with frustrating data set or sync limits either. On top of that, even its premium version costs far less than many competitors.

And you're not getting a stripped-down product in return. Regardless of whether you use its Web Vault, desktop client, browser extension, or smartphone app, you'll be treated to a well-rounded and highly intuitive password manager. All important features are included. However, Bitwarden does claw back some revenue here: features like password sharing, which are free with most other password managers, require a paid add-on.

Autofill worked without issues most of the time during testing, with only a few misses in the mobile app. There's also no support available in languages other than English.

Bitwarden isn't perfect, but it does offer a good package at a very reasonable price.

Our top picks excelled in most areas and surpassed the other password managers we reviewed. However, this doesn't make them the best or only solutions for your individual needs. The right one for you might be waiting outside our Top 5.

The table below provides an overview of how each password manager from our sample performed:

At the center of any password manager is an encrypted database located either on the system where the service is installed (locally) or in the cloud (remotely). That database and all of its entries are accessible only with the master password.

Most password managers have multiple user interfaces. The main control centers are usually dedicated desktop clients or web dashboards that you access through your browser. Many password managers offer both.

Typically, password manager user interfaces are divided into two or three columns: Navigation is often on the left, and you'll be able to select between categories of data sets and features. In the center, you'll see individual entries, whether login credentials, notes, or payment methods. Click on one, and a detailed view will open to the right. There, you can edit it or make changes.

Almost all of the password managers from our sample have browser extensions and mobile apps. These come in handy when you want to create a new account, update an existing entry, or log in to websites and services online.

Browser extensions are a miniature version of the software's password vault. You'll be able to access all data sets and make use of certain features, like a password generator. Copy and paste data into the vault to add login credentials with just a few clicks.

In the following sections, we'll explain the various features that password managers typically include.

If you've used a password manager before, you can usually import any existing data sets to your new one with relative ease. With LastPass, this is particularly convenient, since users can transfer data sets in a wide variety of formats, that the software will accurately integrate into its own vault. This makes switching quick and painless.

As soon as you've imported an existing data set into your new password manager, you can use it. To activate autofill for content and web forms, you'll need to install your password manager's browser extension. After this, sign-ins and logins are easy: The first time you open a page that you have a stored entry for, your password manager's browser extension should offer to fill in your credentials automatically.

Most of the time, password managers do this with small icons that appear in the login form. With some software, you'll need to click on the browser extension in the browser toolbar to input the necessary data set.

Many password managers also notice when you create a new account or update a stored password. You'll usually be asked whether you'd like to create a new entry or modify the one on file.

If your password manager can't find the proper entry for a site that you want to log in to, you can search for it manually. Most apps have manual search features: Simply input the name of the website, its URL, or your account's username. Some password managers, like LastPass, remember search queries and create shortcuts for entries that you manually selected in the past.

Password managers can also help you access your accounts on smartphones or tablets. Since they constantly run in the background, they'll immediately spring to action when you attempt to log in to a website or service. Then, just like on your PC or laptop, they'll display any stored entries for it. All you have to do is tap on the login button.

To ensure that autofill works in your smartphone browser as designed, you'll need to grant the app access rights to your phone. Most apps automatically walk you through this process after the software has been installed.

Access to your password database is protected by a single password, which is hopefully a strong one. If hackers get their hands on that password, they'll have access to all of your accounts. That's why we recommend always protecting your vault with a second password. Don't worry, you won't need to remember it.

With two-factor authentication (2FA) enabled, you'll log in as usual with your username and password. However, instead of being taken straight to your vault, you'll need to enter an additional time-sensitive code. This is generated by an app like Google Authenticator and is only valid for a short time, usually 30 seconds.

You'll activate 2FA and pair your account with an authenticator app in your password manager's settings menu. To check whether a particular platform supports two-factor authentication, select the "Two Factor Authentication" filter in our comparison tool.

Whenever you register an online account, you'll be asked for the same information: Your name, address, email, and phone number. With a password manager, you won't ever have to type out this information again since they store it in a profile that you can input whenever needed.

Bank account and payment information can also be stored in your password vault, and automatically filled in as required.

After a profile has been saved, just select it the next time you sign up for a website or service. The form assistant takes care of the rest.

Most password managers store multiple addresses, such as those for your business or home. If you create several profiles, the form assistant will ask you to select which it should supply.

Beyond storing passwords and autofilling forms, most password managers also let you save other types of structured data. There are usually a variety of preset categories to organize these. 1Password, for example, provides "Identity", "Software License", "Wireless Router", and even "Outdoor License" templates.

Most password managers allow users to create custom categories by adding fields to entries. However, some do not and only offer a handful of default categories.

Nearly all password managers include a category for notes, where you can save everything that doesn't fit anywhere else. Such information might not be autofilled but you can search through your notes to find what you need.

Once you have a password manager, whenever you need a new password, the software will handle it for you. Most programs include password generators that automatically create highly secure passwords based on custom parameters like length and the use of special characters. The generator is accessible through the app or the browser extension. When you need a new password, an icon will often appear right in the password field as you register on a website.

When you change a password, your password manager's browser extension should detect it. Typically, the extension will then ask whether it should replace the old password with the new one. Confirm and the new password will be saved in your database.

The security of your stored data depends primarily on the encryption algorithm your password manager uses. In addition, how and where this encryption is applied is just as important.

With most password managers, this is Advanced Encryption Standard (AES) 256-bit encryption, which is considered to be highly secure. The '256' refers to the security key's length. For comparison, both AES-192 and AES-256 are approved for use in US government documents.

Whenever you register a new account, an individual key is generated from your email address and master password. That key is then used to encrypt and decrypt your password database. Depending on your settings, this can occur in combination with a one-time key from an authenticator app.

As mentioned, it's important to pay attention to what encryption algorithm is used as well as where your encrypted data is stored.

Your data is encrypted locally on your device using your master password. This means no one but you can view your passwords, not even the password manager's developer. To guarantee this, your master password is never sent to the provider's servers.

This approach is called zero-knowledge encryption. It ensures that no one can decrypt your data, even if they gain access to the provider's servers.

However, this approach isn't perfect: Since your provider doesn't have your password, they can't help if you lose or forget it. Some password managers have contingencies like password hints, an address or phone number that a password can be reset with, or emergency access for trustworthy people.

You can see which password managers offer either of these options by ticking the "Zero-knowledge Encryption" and "Emergency Contacts" filters in our comparison tool.

Even though they've done a lot to enhance their security, most people remain skeptical about cloud storage. At the end of the day, few are ready to hand over control and management of personal data to servers that they can't access or are based abroad.

For that reason, we recommend only using cloud services that adhere to the zero-knowledge proof.

If you're still not convinced about whether your information is in safe hands, you can see which password managers let users locally manage and store data by selecting the "Local Storage" filter in our comparison tool. Keep in mind that locally stored data cannot be accessed by multiple devices since it's located on a single computer, tablet, or smartphone. However, even with these services, it's usually possible to enable cloud syncing.

Cloud-based data can be synced across your devices, shared with others, and used within a team. Many password managers allow individual data sets, entire folders, or even categories to be shared.

You can share individual data sets directly or grant access to entire folders and categories. With LastPass, for example, you can manage shared content in the "Sharing Center."

This sort of functionality makes it very easy to manage shared accounts, on streaming or shopping platforms, for example.

Many providers offer business or team versions of their software. Most IT departments continue to manage passwords for servers, network switches, firewalls, and more with Excel spreadsheets. This is neither safe nor practical since access cannot be effectively regulated. With a team-based password manager, it's possible to strictly control access to data and password usage.

If you're looking for password managers with business versions, select the "Teams" filter in our comparison tool.

Each provider we tested takes a somewhat different approach to usage licenses. Most can be installed and used on as many devices as desired, however, some limit this. We've included a detailed breakdown of these specifics in each plan's description.

Another factor you might want to consider is the number of passwords you can manage with a given service. In most cases, this is unlimited. Free versions, however, often come with restrictions. That's why we've added a section to our feature overview showing how many data sets you can store with each plan.

We think password managers are an important element of cybersecurity for the simple reason that even if a hacker manages to crack one of your accounts, the rest will remain unharmed.

Thanks to their ability to automatically generate tough passwords, anyone can use them to create unique and secure passwords for their accounts. Because you only have to remember a single master password, the complexity of all other passwords doesn't matter. They can easily be 20 characters long and consist of random combinations of numbers, special characters, and upper and lowercase letters.

To find out which service suits you and your needs best, we recommend using our comparison tool and then reading our comprehensive reviews. Most apps offer a free trial period, so you don't have to buy a product outright. If you dislike one app, simply move on to the next one.