Choosing the Best Password Manager

Over the last few years, various surveys have claimed that the average Internet user has more than 100 online accounts that require login credentials. While these claims are possibly inflated to serve a purpose, many of us have more than twenty online accounts we use frequently, and probably another twenty online accounts we use from time to time.

Remembering the login credentials for each online account, especially those we only use from time to time, is difficult; so many of us use the same username and passwords combinations or memorable passwords that relate to each site – for example “BOA123”, “paypal001”, “amazon99” etc. The trouble is that many other people do the same.

Consequently, when cybercriminals get hold of our usernames (usually our email addresses), they know the most popular combinations of usernames and passwords from previous data breaches and can program their hacking algorithms with commonly used passwords to reduce the length of time it takes to hack into our online accounts, WiFi networks, and mobile phones.

Using Stronger Passwords is Ideal, but Inconvenient and Not Always Secure

Using a unique, complex password for each account reduces the likelihood of an account getting hacked because it can take centuries to crack a really complex password. However, remembering a complex 16-digit password using a combination of upper and lower case letters, numbers, and special characters is difficult – more so if you have to remember more than a hundred of them!

To overcome the issue of memorizing multiple passwords, many people write them down or save them in a spreadsheet on their computer. This is okay until you want to use an online account on your mobile phone and the password is in a drawer in your house, or until your WiFi network gets hacked and a cybercriminal gets access to all the passwords saved on the spreadsheet.

For this reason, more people are starting to use password managers – software solutions that save usernames and passwords, and then autofill the login credentials when you visit an online account for which a username and password has been saved. With most password managers you can also save names, addresses, payment details, and other confidential data.

The Different Types of Password Manager

Password managers are not all the same. There are some (i.e., Chrome, Edge, Firefox, etc.) that only work on a specific browser, while others (iCloud Keychain, Microsoft Credentials, etc.) only work on a specific operating system. While these may be convenient for some users, they only synchronize data across the same browser or operating system so aren´t the most convenient options.

Furthermore, if you use a browser-based or OS-based password manager, it is not possible to securely share login credentials with anybody else if (for example) your partner wanted the login to your Netflix account. In this scenario, you would have to send your Netflix password to your partner using an unsecure channel of communication such as SMS text, email, or chat app.

It is also the case that most browser-based and OS-based password managers automatically log you in when you launch the browser or operating system. This means that anybody with unlocked access to your PC or mobile phone could access your password manager and not only see all your passwords but also any other payment details and confidential data stored in the database.

How Vault-Based Password Managers Differ

Vault-based password managers differ from browser-based and OS-based password managers inasmuch as they save login credentials (etc.) in a vault which can only be accessed by entering a master password at the start of each session. Some password managers can also be configured to automatically log you out after a period of inactivity to prevent unauthorized access to your data.

Depending on the capabilities of the password manager (and often the payment plan you subscribe to), vaults are stored either locally on your device(s), in the cloud, or on your PC or workplace server. They generally include tools for generating complex passwords, sharing complex passwords, and letting you know when a password is weak, re-used, or compromised in a data breach.

As vault-based password managers scale out to meet the requirements of security-conscious individuals, families, and businesses, the number of features increases. You can improve the security of accounts with two-step login, share large files securely among families and workplace colleagues, and manage how employees use corporate passwords with policy engines and event logs.

How Vault-Based Password Managers Compare

Comparing vault-based password managers is difficult because different people have different requirements. Some will be happy with securing a limited number of passwords on a single device, while others want a password manager with cross device synchronization and advanced features such as support for two-step login and secure password sharing.

For families, workplace teams, and business organizations, there is often a wider range of requirements. Family members may want to use their password manager to create a digital legacy that other family members can access in the event of incapacitation, death, or another emergency. They may also want to share documents securely with other family members on a regular basis.

In addition, teams and organizations may need to implement role-based access controls, enforce password policies, adopt more advanced authentication technologies, and integrate their password manager with business directories. Because of these different requirements, we have taken a selection of the most popular password managers below and compared their features and prices.

The Best Free Password Manager

Not every password manager has a free service; and, of those that have, some services can be very limited in the number of passwords you can store or the number of devices you can use the password manager on. This table provides a quick reference to which password managers have a free service and the extent of the free service.

Netsec.news Best Password Manager Free Plans

Notes

1Password has not offered a free service to customers since 2019. If you see any 1Password free plans being offered, please note these are only 14-day trails of the provider´s premium plans. After the free trial has expired, you will be required to pay for an annual subscription.

Bitwarden also offers a free two-person plan in addition to its free plan for individual users. This plan provides each individual user with their own vault for storing personal data and access to a shared folder for storing login credentials and payment details etc. for shared accounts.

Dashlane – although limiting you to 50 passwords on one device – includes a feature in its free plan which checks for weak, re-used, and compromised passwords and alerts you to data you have saved in Dashlane that has been exposed in a data breach.

Keeper only offers a free service for individual users if you sign up for a free trial of its “Unlimited” premium service and don´t proceed with a subscription at the end of the trial. Thereafter, you can use Keeper´s free service on one mobile device only.

LastPass recently changed the conditions of its free plan and you now have to decide whether to use the password manager on PCs and laptops or mobile devices. You can´t use the password manager across a PC and mobile device without subscribing to a premium plan.

NordPass is a well-established name in online security, so it is surprising the provider doesn´t offer a secure sharing feature in its free plan – forcing users to share passwords and other data via unsecure channels of communication such as SMS text, email, and chat apps.

RoboForm is unique among the free password managers that support multiple devices inasmuch as it doesn´t support automatic synchronization. This can severely impact the effectiveness of the password manager if you have some credentials saved on one device and other credentials saved on another.

The Best Free Password Managers Conclusion

Most people will want to use a password manager across multiple devices to avoid a scenario similar to the one mentioned previously in which you want to use your mobile device to log into an account, but the login credentials are stored on your PC at home. That knocks out all bar Bitwarden and NordPass once you take into account that RoboForm doesn´t automatically sync data across devices.

Of the two remaining options, the choice of the best free password manager depends on whether you would prefer the secure sharing capabilities of Bitwarden or the advanced two step login capabilities of NordPass that lets you add an extra layer of protection to accounts via hardware devices as well as via the “basic” methods of email and authenticator app provided by Bitwarden.

The Best Premium Plans for Individuals

When you subscribe to a premium plan, the number of features you have access to increases. This doesn´t necessarily mean your online accounts are more secure. How you use the features determines security, so ease of use is an important consideration – notwithstanding that the price you pay doesn´t always reflect the standard of security available to you.

Netsec.news Best Password Manager premium Plans

Notes

1Password has a data health check feature called WatchTower, but according to several sources on the Internet, the feature is unreliable, it returns different results depending on which device you use it on, and it doesn´t work at all on iOS mobile devices.

Bitwarden Data Health Checks are more comprehensive than most others that just alert you to weak, re-used, and exposed passwords. For example, the Reports will identify when two-step login is available for an account, but not yet activated by the user.

Dashlane used to offer a cheaper “Essentials” plan in addition to its “Premium” plan. Dashlane Essentials cost $23.99 per year for a similar service to its free plan other than it enabled users to save an unlimited number of passwords across two devices. This plan was discontinued in November 2021.

Keeper offers individuals two premium plans – the “Unlimited” plan featured above and “Unlimited Plus” plan which includes automatic data health checks and secure storage, but which costs $59.47 per year for an annual subscription.

LastPass provides a fully-featured premium password manager for individual users, but at a price significantly higher than Bitwarden for the added benefit of automated data health checks via dark web monitoring – a feature we hope many users will not find necessary.

NordPass has a convoluted pricing scheme that offers heavily discounted introductory prices (currently $23.88 for the first year) and then charges the full price when the introductory price expires (currently $59.88 per year). Buyer beware!

RoboForm doesn´t quote a storage capacity, but states it is enough for 1,000 logins, 100 contacts, 50 “safenotes”, and 5 identities. The price of the premium “Everywhere” plan is $23.88 per year but there is a permanent special offer on RoboForm´s website reducing the price to $15.50 per year.

The Best Premium Plans for Individuals Conclusion

Even taking RoboForm´s permanently discounted price and NordPass´ introductory price into account, Bitwarden smashes it out of the park when it comes to price-competitiveness for premium plans. While price alone does not guarantee Bitwarden is the best password manager for individuals willing to pay for a premium subscription, the password manager´s features are hard to beat.

One feature not mentioned above is technical support. This is because all our featured providers have extensive Help pages on their websites and many have monitored community forums in which users can ask questions if they get stuck. In addition, you will usually find a support email address or web form in the Contact Us section of each provider´s website.

The Best Password Manager for Families

Password managers for families usually consist of multiple premium accounts under the same subscription – but at a discount. In addition to providing each family member with a personal vault, there are usually shared vaults and a management dashboard that the owner of the family account can use to assign shared passwords and individual permissions. (Prices shown below are per plan per year)

Netsec.news Best Password Manager Family Plans

Notes

1Password allows you to increase the number of users in the family plan at a cost of $12 per additional user per year. With regards to the health data check feature, the same issues exist with the family plan as the premium plan.

Bitwarden gives families an extra 1GB of secure storage for shared documents in addition to the 1GB of secure storage per user for individual accounts. Account owners can also run data health checks on all shared data in the family plan, but not individual personal data.

Dashlane limits its dark web monitoring feature to 5 email addresses per user. While this shouldn´t be an issue for most families, if a family member uses multiple identities on – for example – a social media platform, it may not be possible to monitor all of them for password exposure.

Keeper again provides a choice of two premium plans. The plan featured above once again excludes automatic data health checks and secure storage, for which families will have to pay a total of $103.48. Both services can be subscribed to individually for prices of $34.55 and $28.79 respectively.

LastPass charges only 33% more for a six-person family plan than it does for an individual premium plan; and, if you subscribe to a family plan at the right time, you can get it for the same price as an individual premium plan – implying that LastPass´ prices for individuals are inflated.

NordPass again tries to pull the wool over subscribers´ eyes by offering heavily discounted one-year ($71.88/year) and two-year ($59.88/year) family plans – not making it clear that once the introductory offer expires the renewal price is (currently) $95.88 per year.

RoboForm keeps us guessing about how much secure storage each family member receives and once again markets a special offer on its website – reducing the annual cost of a family plan from $47.75 to $31.00. Please note there is no discount for longer subscriptions.

The Best Password Manager for Families Conclusion

In most cases it makes financial sense to subscribe to family plan if two or more members of the same family will make use of the password manager. Furthermore, account owners will be able to selectively share passwords securely so that parents have access to login credentials for joint bank accounts, while the whole family can share the logins for Netflix, Deliveroo, etc.

The notable exception to this financial rule of thumb is Bitwarden due to the cheap price of its premium plans for individuals. Nonetheless, unless there are reasons for selecting an alternative password manager (i.e., Dashlane´s VPN for unsecured public WiFi), Bitwarden continues to offer the best value for money in terms of the features available to secure accounts.

The Best Password Manager for Teams

The best way to describe password managers for teams is feature-limited password managers for businesses. Providers offer this option to encourage businesses to adopt password managers at a more affordable price; and, if you are prepared to compromise on bells and whistles, it could save the business several thousand dollars over the course of a year.

Netsec.news best Password Manager team Plans

Notes

1Password Teams plan is a fixed-price $19.95 per month regardless of the number of users (up to ten). The plan includes five guest accounts for occasions when team members need to share data with third parties outside the plan, but the data health checks are just as ropey.

Bitwarden Teams – like many other Teams plans – is a Family plan for an unlimited number of users and is perfectly adequate for the majority of businesses. It does however include API access, event and audit logs, and directory synchronization if you need it.

Dashlane chat tech support is available in English, French, and German from 9:00 a.m. to 6:00 p.m. EST, Monday through Friday. Outside these hours, you will need to use email to seek assistance for any problems you encounter or use the website´s comprehensive Help pages.

Keeper Teams looks a good price on the surface, but if you want dark web monitoring, secure storage, or any thing more than basic tech support, you will have to pay for it as an add-on – and it´s not cheap. Keeper´s BreachWatch monitoring service starts at $15 per user per year.

LastPass Teams plan is more featured-limited than most of password managers for teams highlighted in this section, and although it does include an admin console through which you can apply password policies, the number of policies you can apply is limited to ten.

NordPass Teams (known by NordPass as “Business”) suffers from the same lack of pricing transparency as its personal and family plans. Consequently, you could sign up for a two-year subscription for $38.28 per year, only to find the price doubles at the end of the introductory offer.

RoboForm does not offer a feature-limited version of its Business plan.

The Best Password Manager for Teams Conclusion

This category in our guide to the best password manager is closer than most. Although Bitwarden narrowly remains the most price-competitive option ahead of NordPass´ introductory offer, the lack of a policy engine and automatic data health checks could sway some businesses to look elsewhere for a more fully-featured alternative.

Unfortunately, most of the other contenders in this category also have their faults. Whether it is unreliable dark web monitoring, hidden add-ons, or limitations on use, it is difficult to find a suitable alternative to Bitwarden. Possibly you could try NordPass for two years and then switch to another provider, or maybe opt for a fully-featured business plan instead.

The Best Password Manager for Enterprise

Providers often refer to their fully-featured business plans as “Enterprise Plans” even though they may be suitable for business of all sizes. Furthermore, as you will see from the table below, some fully-featured business plans are more fully-featured than others, requiring businesses to weigh up what features are important to them when compared to the cost of each solution.

Netsec.news best Password Manager Business Plans

Notes

1Password would be a strong contender for best password manager for enterprise if it could sort its data health check issues out – especially as it offers a free Family plan for each user that can help promote a culture of online security among employees.

Bitwarden is the only password manager for enterprise that ticks all the boxes in our business plans comparison, with the only potential downside being that technical support is only available by email. Then you have to remember we´re talking about password managers – not nuclear reactors!

Dashlane is another enterprise password manager that could be suitable for businesses of all sizes – provided businesses in regulated industries do not store data in vaults that would violate the need to know where data is at all times (only self-hosted password managers comply with this requirement).

Keeper has so many add-ons, it is difficult to calculate a price for its enterprise password manager. Furthermore, businesses with over 100 users may qualify for a volume discount. Nonetheless, the likelihood is Keeper will work out as one of the most expensive enterprise password managers.

LastPass appears price-competitive in this category, but you have to factor in the provider charges extra for Advanced SSO ($2 per user/month) and Advanced MFA ($3 per user/month). Alternatively, businesses can have both these features included for a total cost of $108 per user/month.

NordPass price for more than 250 users is “subject to custom terms”; and although the custom terms may result in some price flexibility (i.e., admins, managers, and users are priced differently), businesses are warned to be aware of introductory offers turning into expensive renewals.

RoboForm looks to be the least fully-featured password manager for business in this group, and the price reflects this – ranging from $19.45 to $22.70 per user per year if you take advantage of the online discount (regular price range is $29.95 to $39.95 depending on the number of users).

The Best Password Manager for Business Conclusion

It is fair to say there is no one-size-fits-all best password manager for business. While Bitwarden looks best on price-vs-capabilities and supports self-hosting for businesses in regulated industries, some businesses may not have the necessary in-house skills to deploy an enterprise-scale password manager without outside assistance and may wish to take advantage of a VIP tech support package.

The best way to determine which the best password manager is for your business´ requirements is to make a short list of what those requirements are and take advantage of the free trials offered by password manager vendors. While some vendors only offer free trials for their enterprise plans, it will give businesses a good idea of what features they need and what they can live without.

Best Password Manager FAQs

Why is a vault-based password manager better than (say) the Chrome password manager?

There are several reasons why a vault-based password manager can be more convenient and more secure than the Chrome password manager. For example, when you visit a website for which login credentials have been saved by a vault-based password manager, it will auto-fill the login credentials regardless of what browser you use to visit the website. If you use a Chrome password manager, it will only auto-fill login credentials when you use the Chrome browser. This makes it more convenient to use a vault-based password manager if (for example) you use the Chrome browser on your home PC and the Edge browser on your work PC.

With regards to vault-based password managers being more secure, when you use a password manager you have to sign into the password manager at the beginning of each session. You are automatically logged out at the end of the sessions or if you have configured the password manager to log you out after a period of inactivity. The Chrome password manager never logs you out; so, unless you PIN-lock all your devices, anybody with access to your computer or mobile can access data in the Chrome password manager without having to enter a username and password.

What is the difference between text only secure sharing, limited secure sharing, and text + file secure sharing?

Text only secure sharing is similar to sending an encrypted SMS text. You write a message in your password vault, save it in the vault, and copy the link the password manager provides you with to send to your intended recipient. You can add conditions to the message such an expiration time, a maximum access account, or a password requirement. When the recipient receives the link (by SMS text, email, or chat app, etc.), they click on the link, fulfil any requirements you have imposed, and can read the message directly from the provider´s server.

Limited secure sharing (in the context of what is offered in several free password manager plans) is when the provider limits the number of people you can share text messages with (i.e., Dashlane limits you to five recipients) or the delivery method (i.e., email). Text + File secure sharing allows you to add attachments to your secure message that the recipient can download from the provider´s servers. Typically, attachments are limited in size to 1GB, but that is generally sufficient for most files shared securely using this feature.

How does “basic” two-step login differ from “advanced” two-step login?

In the context of our best password manager comparisons (because different providers use different terminologies), basic two-step login is when you enter your username and password for an online account and then have to input a PIN code (sometimes called a Time-based One-Time Passcode or TOTP) to complete the login procedure. As mentioned in the article above, the PIN code is most often sent to you by SMS text or email, or generated by an authenticator app.

When you subscribe to a plan that supports advanced two-step login, you have more options to complete the login procedure. For example, you could use a hardware device such as a YubiKey or a biometric process such as facial recognition. Not every provider supports every type of hardware device or biometric process, and some advanced solutions only work on certain devices with specific software installed. You should check with the provider what the options are before subscribing to a plan based on the availability of advanced two-step login.

If you subscribe to a family plan for six users, but your family consists of only four people, do you get a discount?

Unfortunately not. However, you can maximize the value of the plan by sharing the additional “seats” with extended members of your family (aunts, uncles, cousins, etc.) or with family friends. When you do this, the extended members of your family or family friends won´t be able to see what is in shared folders unless you give them permission to do so (which can be full permission or read-only permission). Furthermore, the plan works both ways, so you won´t be able to see what they put in personal folders unless they share that data with you.

Author: Maria Perez