Most password managers offer strong password security in much the same way – by encrypting data at rest and in transit so if data stored in a password manager is accessed or intercepted by a third party who does not have the decryption key, the data is indecipherable. However, some password managers make it easy for third parties to access your passwords without a decryption key.
Password manager decryption keys are most often derived from the master password you use to access your password manager via a process known as Password-Based Key Derivation Function 2 (PBKDF2). As a user of a password manager, you don't need to do anything to create a decryption key because it is done automatically by the password manager's software.
In addition, the master password you use to access your password manager is salted and hashed before being saved on the password manager's servers. This means not only does the provider of the password manager not know your master password, if the provider's servers are hacked by a cybercriminal, the cybercriminal will not be able to decipher your master password.
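The two steps described above, sketched as an added example (not code from any of the password managers discussed): the client derives the decryption key with PBKDF2, and the server stores only a salted hash of a separate login value. The iteration count, the salt handling, the function names and the split into a vault key and a login hash are assumptions made for illustration.

```python
import hashlib
import hmac
import os

ITERATIONS = 600_000  # assumed work factor, not taken from any vendor


def derive_vault_key(master_password: str, salt: bytes) -> bytes:
    """Client: stretch the master password into a 256-bit decryption key."""
    return hashlib.pbkdf2_hmac("sha256", master_password.encode(), salt, ITERATIONS)


def derive_login_hash(vault_key: bytes, master_password: str) -> bytes:
    """Client: one further PBKDF2 pass yields the only value sent at login."""
    return hashlib.pbkdf2_hmac("sha256", vault_key, master_password.encode(), 1)


def server_enroll(login_hash: bytes) -> dict:
    """Server: salt and hash the login hash again before storing it."""
    salt = os.urandom(16)
    stored = hashlib.pbkdf2_hmac("sha256", login_hash, salt, ITERATIONS)
    return {"salt": salt, "hash": stored}


def server_verify(record: dict, login_hash: bytes) -> bool:
    """Server: recompute with the stored salt and compare in constant time."""
    candidate = hashlib.pbkdf2_hmac("sha256", login_hash, record["salt"], ITERATIONS)
    return hmac.compare_digest(candidate, record["hash"])


def demo() -> dict:
    salt = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed sample
    password = "correct horse battery staple"                 # constructed sample
    key = derive_vault_key(password, salt)
    record = server_enroll(derive_login_hash(key, password))
    wrong_key = derive_vault_key("correct horse battery stable", salt)
    return {
        "key_len": len(key),
        "good_login": server_verify(record, derive_login_hash(key, password)),
        "bad_login": server_verify(
            record, derive_login_hash(wrong_key, "correct horse battery stable")
        ),
        "server_holds_key": key in (record["salt"], record["hash"]),
    }


if __name__ == "__main__":
    print(demo())
```

The server record contains a random salt and a stretched hash only, so a copy of that record gives an attacker neither the master password nor the vault key without a guessing attack that pays the full iteration cost per guess.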
Some Password Managers Have Stronger Password Security than Others
In theory, this sounds very secure, but in practice it's not the case with every password manager. Some password managers (e.g., Chrome) sign you in by default when you launch the browser. Because your master password is used during the default login process, any third party with access to your PC or mobile device can access your password manager and its contents without a decryption key (which is why Google keeps nagging you to PIN-lock your devices).
Password managers with stronger password security not only require you to log in manually at the beginning of every session but can also be configured to log you out of the password manager after a period of inactivity. While this introduces a degree of inconvenience, the inconvenience is a reasonable price to pay for securing your password manager against nosey colleagues when your work PC or laptop is left unattended, and against mobile phone thieves.
Automatic log-out isn't the only tool password managers provide to offer stronger password security; when you look at some password manager plans, there is an extensive range of tools, features, and capabilities that can help individuals, families, and groups better protect online accounts. We'll compare a few of the plans and the tools they offer as we answer the question of whether Bitwarden, Dashlane, or Keeper offers stronger password security.
Free Password Manager Services
Of the password managers being compared, only Bitwarden and Dashlane offer a free service. Bitwarden's free service is very good – enabling you to save an unlimited number of passwords, payment details, and other personal data in your password vault, and synchronizing your data across an unlimited number of devices using a web service, desktop apps, mobile apps, and browser extensions. Bitwarden's free plan also supports basic two-step login via email or authenticator app.
By comparison, Dashlane's free service only allows you to save up to fifty passwords on one device. Although Dashlane does provide automatic alerts if weak, reused, or compromised passwords are identified in your password vault, you will have to upgrade to a Premium service if you want to save more than fifty passwords and synchronize data between multiple devices. (Dashlane's Essentials service, which previously supported unlimited passwords across two devices, was withdrawn in November 2021.)
In addition to the above, Bitwarden offers a two-person “organization” free service. This service provides the same core security tools as the individual free service with an additional shared folder couples can use to store shared login credentials (e.g., Netflix, Amazon, Uber). There is also a secure messaging service which enables users to share passwords and other confidential data via an encrypted message – even if the recipient does not have a Bitwarden account.
Premium and Family Plans
Once you get into the paid subscription plans, the tools for stronger password security start coming thick and fast. Bitwarden's Premium Plan ($10 per year) includes advanced two-factor authentication (e.g., for hardware devices such as YubiKey), encrypted file sharing, and Vault Health Reports. The provider's Family Plan ($40 per year) provides the exact same tools for stronger password security plus extra secure storage space for shared items for up to six family members.
Dashlane's Premium Plan ($39.99 per year) doesn't support advanced two-factor authentication or encrypted file sharing, but does include dark web monitoring, automatic health checks, and a VPN for when you connect to unsecured WiFi services. There is also an automatic password changing feature for when weak, re-used, or compromised passwords are identified, and families of up to six can take advantage of the Dashlane Family Plan for a price of $59.99 per year.
Keeper offers few tools for stronger password security in its Unlimited Plan ($34.99 per year) and encourages users to upgrade to a “Plus” bundle for $59.47 per year which includes BreachWatch – the equivalent of Dashlane's dark web monitoring service for $20 per year more. Keeper's Family Plan ($74.99 per year) is equally limited in password security tools and only supports up to five users. The option to upgrade to a Family Plus bundle including BreachWatch costs $103.48 per year.
Business Plans and Add-Ons
For businesses, it is important to be aware who has access to corporate data, how they are using it, and how it is being shared. Bitwarden puts businesses in control of these issues with an Enterprise Plan ($60 per user per year) that includes a policy engine, federated login, directory integrations, and custom management roles. There is also a scaled down Teams version ($36 per user per year) which is the equivalent of a personal Premium Plan for an unlimited number of users.
Dashlane's Business Plan ($96 per user per year) is much the same as Bitwarden – notwithstanding that Dashlane includes proactive dark web monitoring, automatic alerts, and VPNs for unsecured WiFi. Each Business Plan also includes a free Family Plan for each user, and for businesses that can do without this benefit and Single Sign-On, Dashlane's scaled down Teams Plan comes in at a competitive $60 per user per year – the same as Bitwarden's fully-featured Enterprise Plan.
Keeper keeps its cards close to its chest about what tools it offers businesses for stronger password security. The provider's basic Business Plan ($40 per user per year) is limited to 100 users and includes just basic two-step login and a policy engine. For tools such as SSO, AD integration, and automated management, you have to talk to sales. A look at the Keeper website reveals you have to pay extra for add-ons such as secure file sharing, dark web monitoring, and customer support.
Conclusion: Stronger Password Security Doesn't Have to Cost a Lot
When you compare password managers for stronger password security, it is not only the tools that are important but how they are used. Fortunately, tools such as Bitwarden's Vault Health Reports (available from Premium Plan level upwards) advise you when you have login credentials saved for an online account that supports two-step login, but you are not taking advantage of this stronger security option. At $10 per year, Bitwarden's Premium Plan is the best for individual users.
The situation for businesses is complicated by Keeper's lack of transparency over its pricing. Considering how much the provider charges for its Premium and Family Plus packages, the cost of a fully-featured and secure Enterprise Plan is likely to be prohibitive for many businesses. Fortunately, Bitwarden and Dashlane are more realistically priced and both offer businesses free trials of both their Teams and Enterprise/Business plans for you to evaluate the services in your own environment.