The best password managers

A businesswoman uses a laptop.Image: A businesswoman uses a laptop.

In a Nutshell

A password manager can help you create, store and auto-fill unique passwords for your accounts. Many password managers offer similar features, but there are differences to consider as you decide which to use. Our editors’ picks include LastPass, Dashlane and KeePass.
Editorial Note: Intuit Credit Karma receives compensation from third-party advertisers, but that doesn’t affect our editors’ opinions. Our third-party advertisers don’t review, approve or endorse our editorial content. Information about financial products not offered on Credit Karma is collected independently. Our content is accurate to the best of our knowledge when posted.

We hate to break it to you, but your brain may not be the best password manager.

Trying to remember a unique password for each of your online accounts is nearly impossible. And yet, many security experts consider strong passwords a vital tool in keeping your information secure.

“You don’t want to use the same password with every site,” says cybersecurity expert Eric Meadows. If a hacker gains access to just one of your accounts, other aspects of your digital life — from your banking information to your social media profiles — could be compromised.

“That’s where password managers come in,” says Meadows. He notes that many of the best password managers “can generate a password for each site.”

Some password managers can actually do a lot more than that. On that note, let’s take a look at our editors’ picks for the best password managers. Then, we’ll dive deeper into the security and usability features that help them stand out from the pack.

The best password managers

  LastPass Dashlane KeePass
Free version Yes Yes Yes
Premium subscription $24/year for one user, or $48/year for up to six users $59.88 per year for premium, or $119.88 per year for premium plus Not available
Password storage 50 megabytes of encrypted storage for free users and 1 gigabyte for Premium users. Your vault information is encrypted and stored in the cloud, but your master password is stored locally and never accessible by LastPass. 1 gigabyte of secure file storage (up to 50 passwords with the free version). Your master password is stored locally, and you can turn off syncing if you want to store all your encrypted passwords locally. Will store all of your passwords in a local database
Auto-fill feature for  passwords Yes Yes Yes
Online syncing across devices Yes With premium or premium plus subscription No
Two-factor authentication Yes, but additional multi-factor options are only available with premium Yes, but some types are only available with premium and premium plus Yes
Share access to passwords with others from within the program Yes, but with the free version you can only share items with one other user Yes, but with the free version you can only share up to five accounts No
Supported operating systems include Windows, Mac, Linux, iOS, Android, Windows Phone and more Windows, Mac, Linux, iOS, Android and more Windows, Mac and Linux. Unofficially for more, including iOS, Android, Windows Phone and more

How does a password manager work?

A password manager is an app or program that generates, encrypts and stores passwords for your online accounts.

Different password managers may work slightly differently, but most of them use what’s called a “master password.” Entering this one password will allow you to retrieve or use the passwords associated with your various accounts on the password manager site.

That’s basically how it works, but the best password managers don’t stop there. They also offer additional features including:

  • Auto-fill functionality, so you don’t have to waste time entering individual usernames and passwords.
  • Online syncing across devices for a more streamlined user experience.
  • Two-factor authentication, so you can bolster your account’s security with an additional code required to finish the login process.
  • Secure sharing features, so you can share information with trusted friends and family members.

How to choose the best password manager for you

There are many password managers to choose from, and our list isn’t exhaustive.

Other password managers, such as 1Password and Enpass, may also be good options for you to consider. Assuming a password manager offers some basic security features such as two-factor authentication and strong encryption, a consumer’s choice often comes down to personal taste.

Based on our editors’ personal experience and our analysis of the factors listed above, LastPass, Dashlane and KeePass stood above the rest. Still, each password manager has its pros and cons, and each may appeal more to a specific type of user.

Now, let’s get into the picks.

Best free password manager: LastPass

Why we like it

LastPass is one of the best-known password managers around, and it offers a wide range of features.

For starters, it works on all major platforms, so you’ll likely be covered as you switch between computers, laptops and smartphones. Syncing between devices is also included with the free version.

The free version comes with enough of the essential features that you might not even want to upgrade to a premium subscription ($24/year for a single user; $48/year for up to six people). Just keep in mind that the few differences — such as being able to share a single password with more than one person, advanced multifactor authentication options, and 1 GB of encrypted file storage — may appeal to some.

Watch out for

Being one of the most popular password managers can have its downsides.

In June 2015, LastPass announced that it found suspicious activity on its platform and that user information was compromised. LastPass says that the encrypted information in their vaults wasn’t at risk. Still, information such as account email addresses, password reminders and authentication hashes along with other information was compromised in the attack.

While LastPass says it has since taken steps to improve security, this event should serve as a reminder that there’s no such thing as “guaranteed” security — even from a trusted password manager.

Are password managers safe?

How to use it

When you create your account, you’ll input your email and choose a master password. You can then add accounts to your “vault.” If you’re logged into LastPass with the browser extension enabled, LastPass may prompt you to store your username and password as you log into different websites.

Once your vault has your passwords stored in it, you can use the LastPass Security Challenge to test for weak, old or duplicate passwords that you may want to change. The LastPass browser extensions or apps can also auto-fill your username and password when you visit a site or app.

LastPass is supported across a wide variety of browsers and operating systems.

Best premium password manager: Dashlane

Why we like it

“I use Dashlane because there’s a stand-alone browser extension that I can use with almost every platform,” says Meadows.

Although that’s true of other password managers as well, Meadows says he likes Dashlane’s interface and how easy it is to use.

While you’ll need to pay for a premium edition to save more than 50 passwords and sync your information across devices, the paid versions come with other features that could be worthwhile. These include a VPN, which can help keep your information secure while you’re on an unsecure Wi-Fi network, and dark web monitoring.

Watch out for

If you’re looking for a free password manager, Dashlane might not be a good fit. The free version limits you to one device and 50 passwords. Since you should try to use unique passwords for every account, you might quickly hit the 50-password limit.

Dashlane’s free subscription has some other potential pitfalls. If you install Dashlane on one device, update all your passwords and then decide to uninstall Dashlane, you might lose access to your passwords if you haven’t created a backup file or synced them. Syncing requires a premium account.

How to use it

The free version of Dashlane must be downloaded and installed on your device, while the premium versions can run via a web app.

Once you install Dashlane on a computer, you can install a browser extension to auto-fill your usernames and passwords.

Dashlane’s password changer lets you automatically change passwords on multiple sites from within Dashlane. It’s available on Windows, Mac OS X and iOS devices.

Best free password manager for offline storage: KeePass

Why we like it

KeePass is an open-source password manager that works completely offline. Because it’s open source, anyone can review the software and offer suggestions for changes. Some people have also created plugins of KeePass based on the original code.

Yes, KeePass may be a little intimidating to beginners. But it’s a good option to consider if you’re looking for a free password manager that keeps your data offline.

There are some obvious trade-offs to this. On one hand, it doesn’t connect to the internet or offer cross-device syncing (at least without installing an optional plug-in). But since it doesn’t store your data online or in the cloud, it could be less vulnerable to data breaches and targeted attacks.

Though it may not sync with your online applications as seamlessly as LastPass and Dashlane, KeePass is still pretty easy to use. You either install the software or run KeePass directly off a USB stick without installing the program, meaning you can take your passwords with you as you move from one computer to another.

As mentioned above, there are also a variety of plug-ins and extensions that can expand KeePass’s functionality.

Watch out for

KeePass doesn’t have a flashy interface like some other password managers, and it might be more difficult for non-techies to use.

Also, while there’s an active community that can help you solve problems, there’s no clear place to seek tech support. Some users might not want to go through the hassle of searching for an answer.

KeePass doesn’t currently offer an “official” version of its software for mobile devices. So if that’s a must for you, it may not be the best fit. Community members have created versions of KeePass for some mobile devices, but these haven’t necessarily gone through a strong vetting process and we hesitate to recommend them.

How to use it

You can download the latest release of KeePass online and follow the first steps tutorial to get started. As with other password managers, you can create a master password that grants you access to your database of passwords.

Who should use a password manager?

A password manager can be a helpful tool for anyone who regularly logs into online accounts or mobile apps.

Even if you have a few strong passwords memorized, your information could be compromised during a public data breach. That’s why using unique passwords for each account can be important.

Meadows suggests searching to see if your information has already been exposed in a public data breach. Credit Karma’s ID monitoring service can help you check if your information has been exposed in another company’s public data breach. You provide your email and Credit Karma can let you know if your email address shows up in a database of more than 13 billion breached accounts. If your information has been exposed, we also offer tips on protecting yourself from ID theft.

Bottom line

Using a password manager and moving away from using the same login information for all your accounts could help keep your information more secure.

Since there are free options to choose from that offer many similar benefits, it may be a good idea to test a few password managers out and see which one you like most.

About the author: Louis DeNicola is a personal finance writer and has written for American Express, Discover and Nova Credit. In addition to being a contributing writer at Credit Karma, you can find his work on Business Insider, Cheapi… Read more.