Forgetting passwords for important websites can make it difficult for you to figure out the password reset procedure. It’s tempting to use something so simple that you won’t forget it or just remember one complex password and use it everywhere. However, both strategies set you up for failure. For example, a hacker can easily guess or force a simple password. A data breach can also expose any complex passwords you create, putting any account that uses them at risk.
The only solution is to use a different password for each account and make it long and random. I know there’s no way you can remember dozens of strong passwords. In fact, the average US internet user is locked out of 10 accounts per month. That’s why you really need a password manager.
What did you say? You can’t afford another security tool? Actually, you can’t no to. The potential hit, financial and otherwise, that can result from using a weak password can be costly. Never be afraid. Some password managers offer a free tier for their popular service.
When you put all your passwords into one repository, you should be very careful to protect that repository. That’s where you are master password enter. This password is used to encrypt the contents of your password vault, so it should be as strong as possible. On the other hand, it is unlikely that you will be able to recover it. Store your master password in a safe place or risk permanent loss of access to your password manager.
Setting up multi-factor authentication is another way to reduce the risk of possible attacks. Multi-factor authentication can be biometric, requiring fingerprints, facial recognition, or even voice recognition. Some password managers rely on mobile authenticator apps; others use SMS-based methods or hardware security keys to authenticate. Allowing access only from registered and trusted devices is another form of multi-factor authentication.
Basic features
For most people, getting started means installing a password manager extension in your browser of choice. The best password managers only require an extension, so they can operate on any platform that supports a browser, but you’ll find some that require a desktop component.
When you log in to a secure site, the password manager captures the username and password and stores them in your vault. The best password managers capture your credentials during account creation, and when you change your password online, they offer to update the saved password for that site.
When you revisit a site, most password managers can automatically fill in the stored data. If you have more than one set of credentials, you can choose which one to fill in. Another useful (and common) feature of most of these browser extensions is that clicking on an entry directly navigates to the site and logs in.
Many of us are more likely to log into secure sites from a mobile device than from a desktop computer, so it’s important to find a password manager that syncs your credentials between all your devices. Most password managers use encrypted cloud storage to sync between devices. Some store your data completely locally, syncing between databases on different devices without storing anything in the cloud. The real benefit of having a password manager on your phone is that you can use it to autofill credentials for whatever mobile app you use.
One great thing about free password managers is that you can try several and find out which one you like best. If you’re thinking about creating such a survey, look for products that can be imported from other password managers. Otherwise, you will have to go through the password collection process again for each candidate.
Advanced features
The point of adding a password manager to your security arsenal is to replace weak and duplicate passwords with strong, non-guessable passwords. But where do you get those strong passwords? Most password managers can generate strong passwords for you and many more that let you control things like password length, and which character set to use. The best offer password strength reports that simplify the process of identifying and fixing bad passwords.
Filling in usernames and passwords automatically is not much different from filling out other types of data in web forms. Many commercial password managers take advantage of this commonality and thereby simplify the process of filling out forms with personal data, such as addresses or payment card details. Some password managers also give you storage space for secure documents, although the allocated storage is usually not enough to replace a dedicated cloud storage service.
In addition to using passwords across multiple devices, you may want to share certain logins with other users. Most free password managers don’t support secure sharing. Very few allow you to determine the heir to your password, someone who will receive it if you die.
Paid Program Free Edition
If you’re willing to give a little something, you can use many paid password managers for free. If you see a paid password manager with features you like, check it out. You may be able to get it without paying. For example, some companies let you use all of their product features for free if you stop syncing across multiple devices. RoboForm is one that is free to use on a single device, no syncing. Dashlane too; but also enforces a 50 password limit for free users and only allows sharing between up to five accounts.
If you are fully committed to using a password manager, you will soon face this limitation. We didn’t include any free password managers in this list that limit the number of passwords you can create or that can’t sync passwords across devices.
Top Free Password Manager
Bitwarden is our Editors’ Choice pick for free password management because it has impressive security features and few limitations for free users. If you are worried about your online security, you should also read our best antivirus and best VPN roundup.
