Our brains are not well adapted to remember and recall hundreds of complicated, unique passwords for all of our online accounts. Remembering even a single complicated password is a task in itself. This is why many individuals succumb to the hazardous, risky habit of repeating the same typically weak, easy-to-recall password across their online accounts.
A weak password is just as simple for crooks to hack as it is for you to remember. Once your password has been compromised, you're vulnerable to credential stuffing attacks, which can result in many of your online accounts being breached. At that point, you may as well tweet out all of your internet login passwords to the world.
A password manager is an online service that offers an encrypted vault where you may store the login credentials for all of your online accounts so you don't have to remember them. You only need to remember a single master password to enter the encrypted vault -- from which you can access all of the other passwords you have saved. Password management services normally provide user-friendly online interfaces, applications or browser extensions where you may access your encrypted vault using your master password.
The finest password managers are cross-platform-compatible and can instantly sync your full vault across all of your devices. This means that after you've put your credentials into the password manager on one device, they'll instantly show up on all your other devices on which you've installed the software -- whether you're using Windows, MacOS, Linux, iOS, Android or a browser extension. Keep in mind that, by their nature, password managers are particularly appealing targets for fraudsters, so it's crucial that you select one with a track record for security and transparency.
Why you need a password manager
NordPass says that the typical internet user has between 70 and 80 passwords. It's nearly hard to remember each unique complicated password that you should be establishing for each account, which means you need another system to keep track of them all.
Using a password manager is a significantly more effective and easy tool for keeping track of your passwords. You can use one to build strong, unique passwords that are considerably more harder to steal than something like Fido1986. And if you're unsure of how to create a strong password, a good password manager will always include a strong password generator feature that will create them for you. A password manager may also assist defend against phishing attempts because if the password manager doesn't recognize the URL on which you're inputting your login credentials (i.e. if you're on a phishing site), its autofill feature won't offer to fill the credentials.
And password managers have benefits beyond just storing passwords. You may use your password manager to securely store additional data such credit card numbers (to autofill in online retailers), identity papers, travel documents, medical records, PIN codes, bank account numbers and safe notes. Many of the top password managers also offer additional features like cloud storage and attachments, password health reports, data breach notifications and dark web monitoring (which alerts you if any of your personal information has been detected on the dark web). You may also use your password manager to securely exchange passwords and other things with family members, friends or other trusted contacts.
Best password managers in 2023
Bitwarden is a fantastic option if you want a well-rounded premium password manager that's safe, transparent, budget friendly and simple to use -- or if you want a truly infinite password management solution for free.
Bitwarden ranks at the top of our list of the best password managers for a variety of reasons. First and foremost, Bitwarden is totally open-source, secure and certified yearly by third-party cybersecurity experts. This degree of openness sets Bitwarden apart from its contemporaries in a sector that relies so fundamentally on trust.
Another thing that sets Bitwarden differ from the others is its amazing free plan. While other password managers impose limitations on the number or types of devices you can use, or the number of vault items you can store, Bitwarden's free plan lets you store an unlimited number of passwords and use it across an unlimited number of devices. Though it doesn't offer all the features its premium plans do, Bitwarden's free plan still offers many premium-tier features like secure sharing with another user, access to Bitwarden Send (which you can use to securely share passwords with anyone), two-factor authentication, encrypted vault export and a username and password generator.
In addition to the base features on the free plan, Bitwarden's premium plans offer full vault health reports, 1GB file storage, emergency access (where you can designate a trusted contact to access your vault in case of an emergency), Bitwarden authenticator and advanced multifactor authentication with YubiKey, FIDO2 and Duo. Premium plans are budget-friendly at $10 per year for individuals and $40 per year for families, which allows for up to six users.
You may access your Bitwarden vault via its online client or its applications across practically every platform you can conceive of, including Windows, MacOS, Linux, Android, iOS and browsers like Chrome, Safari, Firefox, Brave, DuckDuckGo and even the Tor Browser. Bitwarden's UI is clear and easy to use across platforms, and exchanging passwords and other vault contents with others is trivial. There are a lot of choices to personalize your entire experience, from the appearance and feel of the app to browser integrations and universal and granular security settings. Through the web interface, you can also access various reports that flag whether your email address has been included in a data breach, which accounts have reused passwords or weak passwords and if any accounts are still using passwords that have been exposed in a data breach. Read our Bitwarden review.
1Password is the password manager for you if you're searching for a solution that's a breeze to use on all your devices and contains some truly helpful extras. Its Travel Mode feature makes 1Password a great alternative for anybody traveling on business, students studying abroad, journalists or digital nomads.
1Password is a trustworthy, highly secure password manager that is loaded with handy features. The user experience is clean and straightforward across all platforms, including Windows, MacOS, Linux, Android, iOS and browsers like Chrome, Safari, Firefox and Brave. Its autofill capability works flawlessly while you log in to your accounts across the web or input credit card information while online shopping. Sharing passwords and other vault things with others is also straightforward. You can securely share goods with others whether or not they use 1Password. And if you have a family membership, you may share any number of vault items with up to five friends or family members as well as up to an additional five visitors (who only have access to a single vault).
While 1Password doesn't have its own data breach monitoring tool, it does offer HaveIBeenPwned integration in its Watchtower feature. Watchtower is 1Password's version of a password health report tool, which contains information on insecure credentials that were revealed in a data breach, identifies reused and weak passwords and warns any sites where you haven't implemented two-factor authentication.
1Password's Travel Mode is a unique feature that's very beneficial for persons who travel regularly, especially to places that may impose rigorous government monitoring. With Travel Mode on, vault items that you haven't tagged in the app as "Safe for Travel" will be temporarily wiped from the app on all of your devices. This helps make things like any especially important login information or financial information unavailable to any authorities who may ask you to unlock your device for examination. When you deactivate Travel Mode, all of the items temporarily hidden are automatically restored.
1Password is somewhat on the more costly side, compared, at $36 per year for solitary users or $60 per year for families. There is no free plan available, however each membership includes a 14-day free trial to start.
NordPass is the password management system built by Nord Security, the company behind the famous virtual private network NordVPN (one of CNET's top VPN recommendations). Nord's password manager is relatively young, but has enhanced its product in the last year with a bevy of features that has brought it up to speed with its rivals and has helped it earn a position among our best password manager options. If you're currently a NordVPN member, or are already in the Nord Security ecosystem and you're searching for a top-notch password manager, then NordPass is a no-brainer.
While not quite as robust as Bitwarden's free tier, NordPass's free plan is more than serviceable. With NordPass's free subscription, you may save an unlimited amount of vault items across all of your devices and you have access to other basic features like a password generator, sophisticated multifactor authentication and automatic sync. With the premium plans, you also receive password health reports, data breach scanning and monitoring, secure sharing, password history, emergency access, passkey integration and the option to attach up to 50 files to each vault item, totalling up to 3GB.
The NordPass interface is beautifully designed and simple to utilize. It works effortlessly across all platforms including Windows, Mac, Linux, Android and iOS, along with browser extensions on Chrome, Firefox, Edge, Brave, Safari and Opera. Its free plan is ideal if you want something that can get the job done for free, but its premium levels are competitively priced at $24 per year for people or $44 per year for a family membership that covers six users. If you join up for a free plan, you also receive a generous 30-day free trial of Premium. Premium memberships also have a 30-day money-back guarantee.
Keeper is a fantastic choice for anybody who wants a family subscription with significant quantities of cloud storage and ongoing dark web surveillance or anyone who may require offline access to their vaults when traveling or in places with poor internet.
Keeper is a safe and well-established password manager with an easy-to-use design and all of the features you need in a password management system, plus a few more. Like the other password managers described above, Keeper allows you store and sync an infinite number of vault objects across an unlimited number of devices. But the number of platforms you can use the service on is a little more limited than most other password managers. You may access your Keeper vault through its online interface or its applications for Windows, MacOS, Linux, Android and iOS. The only Keeper browser extensions available are for Chrome, Firefox, Safari, Edge and Opera, which is less than what most other premium password managers provide.
Securely sharing vault things is easy and uncomplicated. You may either share an item permanently, or select for a one-time sharing that's only available on a single device for a defined length of time. Keeper also provides a dark web monitoring function called BreachWatch on top of its password security audit report. The BreachWatch function continually scans the dark web and delivers an alert if it detects that any of your credentials have been hacked. Another important feature is Keeper's offline mode, which enables you to access your vault goods even when offline. This might be beneficial if you're someplace with zero or restricted internet connectivity and need to retrieve goods from your vault.
Keeper doesn't offer a free plan, but you may take advantage of its 30-day free trial to determine whether it's appropriate for you. Standard price is on line with 1Password at $35 per year for individuals, while its family plan is $15 higher at $75 per year for a family of five (which includes 10GB of file storage).
Other password managers I tried
Dashlane Dashlane is a nice password manager that's simple to use and has a solid collection of functions, but it doesn't provide anything remarkable compared to the others that would justify its somewhat costly price. The free option allows you save an unlimited amount of passwords, but is restricted to a single device -- which may work for you if you just have one computer or mobile device. But if you want to sync numerous devices using Dashlane's free plan, you're out of luck. I found Dashlane's MacOS software to be a touch unstable in some cases when sharing vault contents, and the password generation isn't as comprehensive as what others provide.
Still, Dashlane costs $33 per year for the individual plan and $90 per year for a family plan that covers up to 10 users. The family package includes access to a virtual private network from Hotspot Shield, a mediocre VPN option that falls short of entering CNET's top VPN list. The VPN service is only accessible to the admin of the family plan, and there's no alternative to acquire a family plan for less without the VPN or by limiting the amount of licenses in the plan. But if you have a large family or want to share a password manager with a lot of your friends, then Dashlane could be a good fit for you.
Enpass
Enpass is unusual in that it enables you to store your vault at a place of your choice. It doesn't have centralized servers that keep your info. You may either save your vault on your devices directly, or in your own personal cloud storage like Dropbox or iCloud. Unless you're keeping it on your own device, you'll need to trust the third-party cloud service you're using just as you'd need to trust any other password manager with your vault. But with your vault stored locally on your device, you can access your vault items while offline or in areas of limited internet access.
Enpass is an excellent solution for anybody who wants total control over the storage of their password manager vaults and anyone who may be jaded by the way LastPass has failed to safeguard user vaults. If that's you, and you don't mind using an app that's a touch antiquated and cumbersome but still completely functioning, then give Enpass a try. There's a ton of choices for tweaks as well, so it's a fantastic option for the more techy audience or someone who wants to fiddle about. Enpass costs $24 per year for individuals or $36 for the first year (then $48 per year) for a family package that includes six licenses. You may also buy a lifetime individual plan for $100.
Keepass Keepass is totally open source and completely free. It's a robust password manager, but oriented mostly for the technological set. The UI is archaic and complicated to use compared to what other password managers provide. Keepass is geared for usage on Windows desktops, however unofficial versions for other platforms like MacOS, Linux, Android and iOS are available for download on the site. But if you have a great lot of technical know-how and want a free password manager that's open source and extremely configurable, then Keepass may be a choice for you.
Apple iCloud Keychain
Apple's built-in password manager for Macs and iOS devices is presumably already known to most Apple customers. It's a safe and handy password management solution that's included with your Apple ID at no extra cost. It provides basic functions like saving and autofilling your passwords and other information like credit card numbers and passkeys, but it lacks the full scope of possibilities given by competing premium password manager solutions. You can set up iCloud Keychain on a Windows desktop as well, but you'll need to begin the procedure from your Apple device. So it's really only a viable (albeit very basic) password manager solution if you already own an Apple device.
ExpressVPN Keys
ExpressVPN, CNET's Editors' Choice best overall VPN, is getting into the game with a new password management tool called Keys. The password manager is presently in beta and only accessible to a restricted number of ExpressVPN customers, but will be pushed out more generally and integrated with all ExpressVPN accounts at a later date. Though it's still in beta, Keys is already a feature-rich password manager that's intuitive and user-friendly. Keys includes many of the features that other top password managers offer, including a configurable password generator, password health reports, 2FA, auto-sync and autofill. Express has recently introduced an authenticator function to Keys, which can produce six-digit time-based one-time passwords (TOTP) that cycle every 30 seconds. The TOTP capability is only accessible to certain Android users at this moment, but will be pushed out generally in the near future, Express stated.
Keys will be accessible as a browser extension for Chrome, Edge, Opera, Brave and Vivaldi, and featured on ExpressVPN's iOS and Android applications. Once Keys is rolled out to all users, it will be an ideal password manager choice for ExpressVPN users. I'm delighted with the service so far, and it's apparent the Express team is working consistently to enhance the product and add new features. But at this point, it doesn't belong among the top picks because it's still in beta and not available to all ExpressVPN users yet, let alone to folks who don't use ExpressVPN. Once it is rolled out broadly to all ExpressVPN users, it would be nice to see Keys also made available to non-users as well, à la NordPass.
What about LastPass?
LastPass is one of the most well-known and popular password managers on the market, with more than 33 million personal users and 100,000 commercial users, according to the firm. However, in light of its lengthy history of security incidents -- including the data breach at the end of 2022 in which a "unauthorized party" stole customer account information and sensitive vault data -- CNET cannot in good conscience recommend LastPass to our readers.
Even considering that LastPass has completed its investigation into the incident and has prioritized "investments in security, privacy and operational best practices" in the wake of the breach, the password manager remains off CNET's list at this time. The disturbing extent of that recent data leak has seriously weakened faith in the company's security tool for individual users and enterprises.
That said, CNET will be performing a complete re-review of the service in the future, after which we will reconsider whether LastPass has earned a chance to be on our list of top password managers again. In the meanwhile, you may resort to any of the password managers highlighted above.
Password manager FAQ
How do I set up a password manager?
Most password management configurations are basic and uncomplicated. Typically, after you've settled on a password manager and joined up for the service you'll be requested to generate a master password. Your master password should be a strong password or passphrase that you can remember, but haven't used for any other logins. The master password is the one password you need to access your password manager vault. The next step is to download the app or browser extension on the devices you want to utilize the service on. You may also elect to utilize the web-based user interface if you like (if supplied by the provider you pick).
Once you've signed up and gotten acquainted with the app, it's time to start adding passwords and other vault items you want to keep secure. If you have passwords saved in a web browser or other password manager, you can quickly import them to the new password manager (most password managers provide easy instructions on how to accomplish this). If you don't have passwords stored in another area, you may either manually input the login credentials or you can have your password manager automatically remember your credentials when you connect into one of your online accounts. Once you've got your passwords saved, you can use your password manager to autofill the login credentials for the accounts you have stored in your vault.
Can a password manager be hacked?
Password managers are incredibly appealing targets for hackers -- and sure, they can be compromised, as we've seen with LastPass. However, all of the password managers listed above (including LastPass) operate on a zero-knowledge approach to password management, meaning that not even the company storing your vault data has the ability to decrypt the information contained within. Only the user may decrypt and access their own vault. Similarly, the password managers described above do not have access to your master password.
All of this makes it difficult for an attacker to really obtain access to the passwords and other things in your vault. In the instance of the recent LastPass hack, attackers were able to acquire encrypted user vaults. So all the attacker would need to do is crack the master password for a stolen vault to access everything inside, which would be an easy task if the master password is weak. The best strategy to secure your data in case of a similar attack is to develop a strong master password.
What makes for a safe password?
A strong password should preferably be a minimum of eight characters, comprising upper and lower case letters, numbers and symbols. You may also generate passphrases that consist of randomly strung-together words. The finest password managers provide adjustable password generators that you can use to generate really random passwords and passphrases based on the parameters you specify. The longer and more complicated the password or passphrase, the better.
Can I use a free password manager?
There are a few reliable free password manager choices for anybody who wishes to safely save their credentials without spending a thing. Bitwarden is CNET's suggestion for the best free password manager, due to it containing a vast feature set and allowing for an infinite amount of vault items on an unlimited number of devices at no cost. NordPass is another password manager that provides a valid free plan that is virtually as excellent as Bitwarden's. If you're more technically minded, you may go for Keepass, which is entirely free and limitless, but not as simple to use as many others.