From banking sites to dating apps, you need different login information nearly everywhere you go on the internet. Creating unique and strong passwords can get tricky fast. Some people use simple, easy-to-remember passwords, while others memorize a single complex password and use it everywhere online. Either option is a recipe for disaster in the form of identity theft or an account takeover, so don’t do it. Instead, use a password manager.
What a Password Manager Actually Does—and Why You Need One
A password manager is an app or browser extension that generates unique passwords for you and stores them in a vault, either in the cloud or locally on your device. A password manager can automatically fill in your email or username and password on websites where you have accounts, so you don’t have to remember or type your passwords anymore. The best password managers can generate and store passkeys too, so you can start leaving usernames and passwords behind for good.
When choosing a new password manager, consider apps that offer alternatives to company-controlled cloud storage. In an age of near-constant data breaches, it’s unwise to leave all of the keys to your online home in someone else’s cloud storage system. Instead, look for apps that let you store your credentials locally or in the cloud, and that you can access and monitor. Enpass has offered local and independent cloud storage options to its customers for many years. LogMeOnce and RoboForm also offer local-only storage options.
What Is a Password Manager, and Why Do I Need One?
Password managers can fill in personal information on shopping websites, like your name, address, and credit card number. This can save time during online checkout. Some password managers can also store important documents and other sensitive information, such as safe codes and medical data, in their vaults.
After importing any passwords you’ve been saving in browser extensions or in a spreadsheet, a password manager app will identify any breached, weak, or reused passwords in your vault. The best part about using a password manager is that it prevents you from reusing the same password across your online accounts.
Whether you’re storing your passwords locally on your device, writing them in a notebook at home, entering them in a spreadsheet on your computer, or keeping them in an encrypted vault in the cloud, the most important thing is to ensure they’re unique. Reusing passwords puts you at risk for account takeovers because it’s incredibly easy for criminals to find your old email addresses and passwords on the dark web. They can use those credentials to access your accounts protected by reused passwords.
With that in mind, I recommend changing your password generator settings to create passwords that are at least 20 characters long and include all the major character types: uppercase, lowercase, numbers, and symbols. Most password managers also let you save your passwords as passphrases, too.
Who Should Use a Password Manager—and Which Level Fits You
(Credit: Proton/PCMag)
It’s important to find the right tools that work with your lifestyle, and luckily, it’s pretty easy to find a password manager that meets your needs. Check out the list of the best password managers below to see more specific use cases, but in the meantime, here’s a look at three different levels of password management that may work for you at home.
Level 1: Basic Protection for Everyday Users
If you use the internet minimally at home or at work, or you’ve been keeping your passwords in a browser, or in the back of a notebook in your desk drawer, you probably don’t need the high-level security that a CEO or president at a financial institution may require. Instead, consider using the free password management apps pre-loaded on most smartphones, such as Apple’s Passwords app or Google Password Manager. If you’d prefer to use a third-party app, I recommend the free version of Proton Pass, which is PCMag’s Editors’ Choice because it includes email alias generation and it’s incredibly easy to use. I also like LogMeOnce, because it’s free and offers options for storing your passwords locally.
Level 2: Extra Features for Busy Professionals and Families
If you work in an office or at home and have a job that requires a lot of emailing, document transfers, or password sharing, you may want to use a password manager at home with features you can find within the password management apps you use at work. Editors’ Choice NordPass is the recommended option at this level, because it’s easy to use, affordable, and includes helpful features like email alias generation, dark web monitoring, document storage, and emergency access. If you’re someone who shares passwords with family members or friends, look for an app that allows you to send encrypted, time-sensitive links. Dashlane, Keeper, and the aforementioned NordPass all offer this feature.
Level 3: Advanced Security for High-Risk Users
A person with a high-profile or public-facing job, like an activist, journalist, politician, or C-level executive, should consider using a password manager at home that includes security features like activity logs (so you know when someone else is in your vault) and dark web scanning (so you know when a company loses your data in a breach). Dashlane and Keeper both offer activity logs, though dark web scanning is a paid add-on for Keeper subscribers. Dashlane also offers anti-phishing alerts that will notify you when you attempt to enter private information from your vault on a malicious website.
The Best Password Managers We’ve Tested
All of these password managers are my recommendations for home use. Most companies require employees to use specific password managers, so I recommend using the one your IT or IS department requires to store your work credentials. I also recommend keeping your work credentials separate from your personal credentials, just as you should keep any work-related apps off of your personal devices to prevent workplace spying.
Get Our Best Stories!
Stay Safe With the Latest Security News and Updates
By clicking Sign Me Up, you confirm you are 16+ and agree to our Terms of Use and Privacy
Policy.
Thanks for signing up!
Your subscription has been confirmed. Keep an eye on your inbox!
Password Manager Pricing: What You Can Expect to Pay
Password manager prices vary widely. For example, at the time of publication, Bitwarden is $19 per year, while Dashlane is $64.99.
Most password managers charge a subscription fee, but some still offer fully functional free versions of their premium apps. I emphasize the functionality aspect because many password management companies have been whittling down the free features, making the apps almost unusable. Limitations include an inability to sync between devices or restrictions on how many credentials you can keep in the vault. The list of free password managers highlights only apps that work across all your devices and store unlimited usernames and passwords.
Getting Started: How to Use a Password Manager Safely and Efficiently
(Credit: NordPass/PCMag)
Most modern password management apps are more like “everything managers” that can generate MFA codes, help you share passwords with family or work colleagues in a safer way, and store all kinds of private data, from driver’s licenses to passkeys.
Recommended by Our Editors
I recommend reading about how we evaluate password managers. I recommend always trying the premium version of an app before committing to a subscription plan or using the free version. If you want to switch from your old password manager to a new one, I wrote a guide to help you do so.
Step 1: Secure Your Vault With Multi-Factor Authentication (MFA)
After installing your chosen app and signing in, head to the settings menu and set up your multi-factor authentication (MFA) method. MFA adds another layer of security to your password management account, so a criminal would need more than just your master password to get into your password vault. That additional data could be your fingerprint, your face or voice recognized by your device’s software, a code sent to a mobile authenticator app, a memorized passcode, or a tap on a hardware security key. Some apps also allow you to access the password manager only from registered, trusted devices.
Step 2: Install Apps and Browser Extensions for Seamless Access
Now it’s time to start using the password manager. For many people, installing a browser extension is the easiest way to get started. The password managers we’ve tested offer extensions for all popular browsers, and some also offer a local app that fills in and captures passwords within desktop applications. All the password managers I’ve reviewed have mobile apps. The Android and iOS apps usually have similar features and interfaces. Sometimes, you may need to adjust your device settings so that the password manager app plays well with Google’s built-in Password Manager or Apple’s Passwords app.
Step 3: Capture, Store, and Autofill Your Passwords Effortlessly
If the password manager app works correctly, it will capture your username and password when you log in to a site for the first time and save the credentials in your vault. Some password managers track changes to usernames and passwords for vaulted logins and offer to update the stored information for that website or app.
If auto-login fails, you can always open the password manager app and manually paste the password into the field. Just navigate to the login entry in the password manager, then tap the password field to copy it. With most password managers, you don’t have to reveal the password to copy it; the credential remains hidden from prying eyes.
Stay Safe Online: Make Your Password Manager Work for You
Any password manager you choose should be easy for you to use. If you find yourself going back to old, insecure password habits, maybe it’s time to find a password manager that better suits your needs. There are many products to choose from, and taking a little time to find the right password manager to protect your logins can save you a lot of frustration in the future.
About Our Expert
Kim Key
Senior Writer, Security
Experience
I review privacy tools like hardware security keys, password managers, private messaging apps, and ad-blocking software. I also report on online scams and offer advice to families and individuals about staying safe on the internet. Before joining PCMag, I wrote about tech and video games for CNN, Fanbyte, Mashable, The New York Times, and TechRadar. I also worked at CNN International, where I did field producing and reporting on sports that are popular with worldwide audiences.
In addition to the categories below, I exclusively cover ad blockers, authenticator apps, hardware security keys, and private messaging apps.
Read Full Bio
