The Best Password Manager in 2020
The alternative is obviously to have a vast many more passwords – a different one for each and every account that you have online. According to recent surveys, the average internet user / smartphone owner has close to 30 different password protected online accounts. For example, most of us will have several of these accounts: Gmail, Outlook, Facebook, Twitter, Amazon, Tumblr, Reddit, Netflix or Online Banking. The sheer practicality of remembering a password for all of them may be a bit beyond the average person and their IQ. Writing them down on a piece of paper or storing them on your computer hard drive is not safe either.
A good way round this is to use a password management system. It’s a safe and secure way to remember all your passwords so that you don’t have to, nor do you have to fear cyber attack.
In this article we look at the best password managers to use and why. There are certain characteristics that all password management systems should use to be worthwhile using, which we also investigate. Finally, we look at exactly why it is not good enough to use the same password over and over again.
What Is A Password Manager?
In short, a password manager is a simple and effective solution to use to remember all your account passwords securely.
More specifically, an online password manager is a type of password management system which can generate unique and complex passwords as well as providing encrypted password storage. A fundamental reason why password managers are essential is because of cybersecurity.
Why You Need a Password Manager
Despite the obvious convenience of using the same password repeatedly, there is little benefit to then using that password if it is the same for all your other accounts. This is for a couple of reasons.
- If one of your accounts is compromised by a hacker, then all of your accounts will fall like dominoes.
- It has been seen that people who reuse passwords tend to use something which is easily guessed. Without a password organizer, it’s very tempting just to use something simple, like your address or a memorable date. However it’s far, far too easy for someone to guess such a password and subsequently break into your many different accounts.
In fact, there are many wise advocates of using different passwords for different accounts that even suggest changing them regularly. For instance, online banks ask us to change our passwords every few months. Other accounts suggest that we use long passwords that are less easy to guess. The reason that having stringent passwords is such a good idea is that hackers use a variety of common methods to commit password theft. A strong password will help to protect against these.
A common method is known as a Keylogger attack. The hacker will send the victim a fraudulent email designed to look like an official email from a known company. The email contains an attachment which installs a program onto your computer without your knowledge. This program can then record everything you type. More importantly, it can identify when you fill in password and username forms and this information is sent back to the hacker who can then freely access your accounts and steal valuable information.
Another method is simply known as ‘brute force attack.’ This method entails using password cracking software which can attempt to guess your passwords by entering different ones over and over. Most passwords aren’t particularly strong and this software can usually crack your password within 24 hours or so.
Some notable examples of password theft include:
- 2014 Russian Password Theft. In 2014, Hold Security, a Milwaukee-based cyber-security firm, identified that over 400,000 websites had been targeted by Russian hackers and over one-million passwords had been stolen. The hackers used an SQL injection (similar to Key Logging) to steal the passwords.
- 2017 Mac Video Encoder. In September 2017, cyber-security experts confirmed that the Mac video encoder, HandBrake, had been infected with Keylogging malware which hackers were actively using to steal passwords and login information.
In fact, according to Haveibeenpwned.com, over half a billion accounts have been hacked or breached and their login information is therefore not secure. This website is an online database which allows people to enter their email address or password and find out whether they have been the victims of a data breach.
The statistics the website and its database generate make for some quite compelling reading. They make a strong case for using different passwords on each and every online account we have. Password theft is one of the more simple ways hackers are able to steal people’s identities, obtain sensitive and confidential information, and retrieve banking and payment details.
But if we are to have different passwords on each account, how do we remember them? And how do we generate a new, strong password for every account? The answer is a password manager, but what exactly is it? And how does it vary simply to writing them down – either on our computers or as a hard copy?
How Does A Password Manager Work?
A password manager works by creating and generating passwords that are incredibly complex. Some management systems will either then store them on a database online that is then encrypted, or when required, will calculate them when requested.
There are a few types of password management systems:
- Software applications that can be used through an online portal
- A hardware device that acts almost like a set of keys
The database that stores a person’s complex passwords, that the management system has generated, is then stored on this hardware device or is encrypted online. To access either, a user only has to remember one password to utilize the features of the password manager.
What To Look For In A Password Manager
Not all password managers are created equal. If you want value for money and an online password manager which guarantees your safety then you should ensure it contains the following features.
- Strong password generation- A good online password manager must contain software which can automatically generate strong passwords. Many internet users aren’t aware of how hacking software cracks passwords, so they create passwords which are vulnerable to brute force attacks. The best password manager systems use password generating software which creates passwords which cannot be guessed or hacked. You need not worry about remembering them as the password manager does that for you. The software can also run a diagnostic of all your current passwords and upgrade them to more complex passwords which cannot be guessed or hacked.
- Ultra-Secure Encryption- To defend against Keylogging attacks and other forms of malware, the best password manager software would encrypt all your login information, such as usernames and passwords. AES 256-bit is widely considered to be the strongest form of encryption and you should look for a password manager which offers this military-grade encryption.
- Two-step Authentication- In the worst-case scenario, i.e. your passwords are stolen, a cyber-criminal still can’t gain access to your accounts if they’re protected by two-step authentication. This means that an extra level of security is added to your account and you need to verify your identity by entering a code which is sent to your phone or email address. Password manager should be able to add two-step authentication to all your online accounts.
- Easy password management- In addition to monitoring your password’s strength, a password management system should also contain secure password storage, either on an encrypted file in your hard drive on preferably on a secure cloud. These passwords should be auto-filled whenever you log in to an account, which will ensure you never forget a password and have to resort to using the same on over and over again.
- Cross-platform compatibility- Many people use different operating systems for different devices. A person may own a PC and an iPhone for example, so it’s important for a password manager to work on multiple platforms.
- Additional Security Features- It’s also important for a password manager to have assorted security extras which can help you stay safe online. These can include security alerts if someone is trying to access your account, regular software updates, and real-time monitoring.
Before purchasing password management software it’s important to ensure it contains the aforementioned features, otherwise your passwords may not be adequately protected.
Best Password Managers of 2019
We scrutinized many password managers and assessed them based on the above criteria. After rigorous testing we determined that the following password management systems were the best:
Dashlane is a very popular password manager, well-known for its excellent customer service and first-rate security features. It offers instant security alerts and a 256-bit encryption for all your passwords and usernames. To access your Dashlane account, you are given a ‘master key’ which is a unique code requiring authenticated access.
Roboform offers one-click-logins, a strong password generator, and an efficient password organizer. With Roboform you’re protected by AES 256-bit encryption software which can also be used for web notes. All your passwords are synced and you can enjoy 24/7 customer support.
1Password provides a place for users to securely store all their passwords, software licenses, and any other sensitive or confidential information in a virtual vault which is locked using a PBKDF2-guard and a 256-bit AES encryption. All you need to remember is your master password to access the vault. You can also unlock the vault with a fingerprint scanner or PIN code. Read our 1Password review here.
LastPass allows users to store all their login information, passwords, and secure notes, in a virtual vault which is only accessible with a master password. The information is encrypted with AES-256 bit encryption and guarded by PBKDF2 SHA-256 software. LastPass also offers web integration which enables two-step authentication for form auto-filling and it also offers a secure password generator.
How To Make A Strong Password
To make a strong password you should follow these criteria:
- Use a different password for each account
- Use a combination of numbers and letters
- Vary between upper and lower cases
- Use punctuation marks and symbols if possible
- Make your password very long (8 characters + at the least)
And never do the following:
- Re-use the same password
- Use proper words or names
- Use personal information, i.e. your birthday
- Use only letters
- Use a short password (less than 8 characters)
Hacking someone’s password is bread and butter for veteran cyber criminals. Weak and easily guessed passwords are the primary reason why so many people aren’t safe online and their confidential data is exposed. Using a proper password manager can ensure that all your accounts and login information is 100% secure and you can rest easy knowing your private information is in safe hands.
The password managers we have listed above are a surefire way of staying safe online. As not all password management systems are as robust as they should be, it is imperative to use one that is reputable and capable. Our top five are reliable so that users can be assured that their passwords will never fall into the wrong hands.