Pinterest Stumbleupon Whatsapp
Ads by Google

best password managerIf you are anything like me you need to remember tons of passwords to a multitude of websites. They range from one-time drive-by creations to ones you use all of the time. What is the best way to securely keep track of passwords and other confidential information that you use in your daily web browsing routine? Password managers are a very good solution to this problem, but how do you pick which one to use?

The best password managers roughly fall into 2 categories. Either you must be online to retrieve them from the cloud, or they are stored offline in your own storage area. Also in this review, I am setting some ground rules to narrow down the field a bit.


These password managers must:

  • Store passwords in a secure manner;
  • Include browser plugin so that your passwords can be ‘easily’ retrieved;
  • Have been around long enough that trust in their software/services and security practices is high;
  • Be free!

There are many password managers to choose from and I am not digging at any of the other ones; I simply want to keep this list limited to the ‘big players.’ If you have a password manager (or method) you would like to share with us; please do so in the comments below. We have featured a number of the best password managers below, and others, here on MakeUseOf. Without further ado, the final list of our contenders:

Clipperz

best password manager

Clipperz, reviewed by us here Clipperz - Online Password Manager (with Offline Option) Clipperz - Online Password Manager (with Offline Option) Read More , is “much more than a password manager” as stated on its website. Clipperz will store all kinds of information about a website including any form information and passwords all on their web service.

Ads by Google

Being open source means that the code running behind the scenes is open for community inspection, ostensibly meaning that the security of the site is better than if it was closed-source. As an added benefit, it allows Clipperz to offer a Community Edition that enables you to host a version of their service on your own website. This would be a good option if you are paranoid about the software and people running the service behind the scenes.

The only thing I found to really complain about is the lack of tight browser integration. Firefox (and Opera) have the ability to run a stripped down version of the site in the sidebar; allowing you to login directly to the site and retrieve passwords from there. Otherwise, Clipperz is a solid service; and runs on donations.

Keepass/KeepassX

free password managers

Keepass (Windows, only; and its bretheren KeepassX, For Linux and MacOS X) is an offline password manager which encrypts and stores your passwords in a file which adheres to a common standard; and is readable by a number of programs based off the Keepass code. That means that there are readers available for just about every platform under the sun. While it is “offline” there are some cool hacks Achieve Encrypted Cross-Platform Password Syncing With KeePass & Dropbox Achieve Encrypted Cross-Platform Password Syncing With KeePass & Dropbox Read More that allow you to access your store in many locations.

For the browser component, there are a number of plugins which allow direct access to your passwords within your web windows without having to use an external program.

Keepass is time-tested and secure; I used to carry around a portable edition on my USB key chain. While I like the independence of it, I did find it a hassle to use at times and found myself more often than not leaving it in my pocket rather than dragging it out and loading it up (lazy, I know!).

Lastpass

free password managers

LastPass is an online password manager available for free. While it is not open source, they say that they often review their code for security implications and haven’t had any breaches that that community knows of. They also have a professional account which will give you mobile access to your passwords, and I like that they have a clear revenue stream which will (hopefully) mean that they will be around for the long run. They also give you the ability to import and export your passwords.

Another cool feature is the security challenge. This will analyze your existing passwords and give you a score based on how strong and how unique your passwords are. This gives you something to test yourself and to make your passwords more secure.

best password manager

Browser integration is awesome and I think the winning feature of Lastpass. It is extremely easy to use their password manager within any browser you wish – it even works on the latest beta versions. They keep on top of their plugins and it shows.

I thought I would be remiss without going over some of the pay options quickly. These options meet the critieria above but do have a fee associated with them. Both solutions have a 30-day free demo.

Roboform

Roboform started off as a form field remembering app but is now a full-on password manager. It stores your password encrypted and is very similar to LastPass above.

1Password

1Password has especially tight integration with MacOS X and if you are on that platform I would seriously take a look at them. They include many of the features above but is also tightly integrated with the OS and browser. They have versions for other operating systems but really shine on the Mac end. It costs $39 for a single user license and stores them offline. An online version is available so that you can access your passwords anywhere.

The Winner

LastPass! LastPass has the best overall features and its price point (free) is very reasonable for any user. The only reason I would not recommend it is if you ever need to access your passwords offline; otherwise it is just about perfect. If you do wish to access your passwords offline you might want to try out Keepass which is also a very good password manager. Let us know if you have any other favorite password managers for keeping your passwords secure!

Image courtesy Shutterstock.

  1. Superman
    February 15, 2011 at 8:16 pm

    Do you know MobileSitter? It shall be resistent against brute force attacks and dictionary attacks.

  2. Duckeenie
    February 15, 2011 at 4:53 am

    I think it's worth adding that the data is actually encrypted/decrypted using your own computer according to their website, LastPass don't have access to your unencrypted passwords and in theory nobody else should either.

  3. PatrickB
    February 13, 2011 at 11:50 pm

    LastPass does have an offline option. Check the options!

    • Dave Drager
      February 15, 2011 at 10:32 am

      Yes, also by default it will cache the entries.

  4. PatrickB
    February 14, 2011 at 12:50 am

    LastPass does have an offline option. Check the options!

  5. Mathies
    February 13, 2011 at 4:54 pm

    Some random internet-connected PC is much less likely to get hacked than a site that stores hundreds or thousands of user accounts and related data, so it's definitely safer to store encrypted passwords on your own PC.
    Just remember the Gawker issue (http://www.huffingtonpost.com/... ) and the recent problems at SourceForge (http://sourceforge.net/blog/so... ), a developer site you would think is safe.
    With every step away from what for example Mark does you trade in potential security for some more comfort.

  6. Dave Drager
    February 12, 2011 at 11:49 pm

    Seems like a good option, but haven't tested it out myself. http://www.splashdata.com/spla...

  7. Dave Drager
    February 12, 2011 at 11:48 pm

    Nice, hadn't heard of that one before. For anyone else wanting to check it out, it is over at http://www.passpack.com/en/hom...

  8. sut
    February 9, 2011 at 11:47 pm

    In your recommendation of LastPass you state "The only reason I would not recommend it is if you ever need to access your passwords offline".
    However, accessing your LastPass passwords offline is easy if you use LastPass Pocket which is able to retrieve your LastPass info from an encrypted data file on your hard drive.

    https://lastpass.com/misc_download.php

    • Aibek
      February 10, 2011 at 9:06 am

      thanks for heads up!

    • Dave Drager
      February 12, 2011 at 10:51 pm

      Awesome tip!

  9. sut
    February 10, 2011 at 12:47 am

    In your recommendation of LastPass you state "The only reason I would not recommend it is if you ever need to access your passwords offline".
    However, accessing your LastPass passwords offline is easy if you use LastPass Pocket which is able to retrieve your LastPass info from an encrypted data file on your hard drive.

    https://lastpass.com/misc_down...

  10. Anonymous
    February 9, 2011 at 2:02 pm

    Lastpass.

    Haven't looked at the others anything more than superficially, so can't say that it's absolutely the best, but I'm very happy with it. It runs on all my browsers on all my devices - desktop, laptop, android mobile - well integrated. There are a few quirks, but nothing really major.

    Their acquisition of XMarks also promises greater things to come.

  11. Sisyphus21
    February 9, 2011 at 3:02 pm

    Lastpass.

    Haven't looked at the others anything more than superficially, so can't say that it's absolutely the best, but I'm very happy with it. It runs on all my browsers on all my devices - desktop, laptop, android mobile - well integrated. There are a few quirks, but nothing really major.

    Their acquisition of XMarks also promises greater things to come.

  12. Max Ivanoff
    February 9, 2011 at 7:26 am

    Use Keepass for 4 years. happy.

  13. Jim Finn
    February 8, 2011 at 7:25 am

    I've been using Lastpass after switching from SPB Wallet when i got an Android phone. You mention that they don't have an offline version but you can install it onto any portable browser and it downloads the passwords allowing you to view and edit the database offline. They also now supply a portable offline app as well which downloads your full list to a secure database locked with your master password.

    I got the premium package of this and Xmarks which i've been using for years.

    And no I'm not affilliated with the company just an avid user :-)

    • Dave Drager
      February 12, 2011 at 10:56 pm

      Thanks for the info!!

  14. Jim Finn
    February 8, 2011 at 8:25 am

    I've been using Lastpass after switching from SPB Wallet when i got an Android phone. You mention that they don't have an offline version but you can install it onto any portable browser and it downloads the passwords allowing you to view and edit the database offline. They also now supply a portable offline app as well which downloads your full list to a secure database locked with your master password.

    I got the premium package of this and Xmarks which i've been using for years.

    And no I'm not affilliated with the company just an avid user :-)

  15. RandyN
    February 7, 2011 at 9:13 pm

    LastPass is very good but switched to 1Password (they do have a Windows and Android version that both work well).

  16. Peter Opstrup Olesen
    February 7, 2011 at 9:12 pm

    What happens when LastPass.com is down? Can I still login?

    Yes, if you're using the plug-ins. When you login to the Internet Explorer, Firefox, Google Chrome, Safari, or Opera plug-in, LastPass downloads and stores your encrypted data. If we're offline you're still able to login in offline mode, but you'll be unable to add or change sites while LastPass is off the air. You still will be able to export your accounts if you're running the plug-in. We have 2 data centers and a lot of experience running web applications so this should be a rare occurrence.

  17. Ande
    February 7, 2011 at 9:09 pm

    Roboform Pro works where and when you need it!

    • Cosmo73
      February 8, 2011 at 2:46 pm

      I agree. I have been using Roboform for 4 yrs now with no problems.

    • Kitten Soft
      February 12, 2011 at 10:12 pm

      I agree completly, been using it for years myself. Just wish the upgrade to the new version was free, but we can't win em all.

  18. Paul G
    February 7, 2011 at 8:43 pm

    Firefox add-on Sxipper works well for me.

  19. Mathies
    February 7, 2011 at 8:19 pm

    Storing passwords online seems to be a bad idea to me. If you have your stuff on an USB stick it can get lost or stolen, but properly encrypted nobody can hack it.
    With online storage you don't know whom you are trusting and how safe the whole thing really is.

    • Dave Drager
      February 12, 2011 at 10:56 pm

      Its true, when you trust an outside company to store your data you are entrusting outside, unknown persons with your data. However, and I've given this a lot of thought, I trust a known securer of data (your data is encrypted there just as it would be on your local computer). Plus you could argue that any computer you are using the internet from is online. You do need to put a certain amount of 'faith' in an outside organization but as long as they have a good reputation in that industry I don't see that it is any more risky than entrusting yourself with that security.

      • Mathies
        February 13, 2011 at 3:54 pm

        Some random internet-connected PC is much less likely to get hacked than a site that stores hundreds or thousands of user accounts and related data, so it's definitely safer to store encrypted passwords on your own PC.
        Just remember the Gawker issue (http://www.huffingtonpost.com/2010/12/12/gawker-hack-hacked-databa_n_795613.html ) and the recent problems at SourceForge (http://sourceforge.net/blog/sourceforge-net-global-password-reset/ ), a developer site you would think is safe.
        With every step away from what for example Mark does you trade in potential security for some more comfort.

      • Duckeenie
        February 15, 2011 at 3:53 am

        I think it's worth adding that the data is actually encrypted/decrypted using your own computer according to their website, LastPass don't have access to your unencrypted passwords and in theory nobody else should either.

  20. Mark O'Neill
    February 7, 2011 at 8:13 pm

    I keep my passwords in a plain text file and then I encrypt the file in a Truecrypt container on my computer (with a very strong password of course!)

    • Dave Drager
      February 12, 2011 at 10:53 pm

      Mark, I'm curious how this works for you. I used to use Keepass which does the same thing - keeps them offline & encrypted; but found it didn't work well enough for me to use in multiple locations (even with Dropbox syncing). The reason I like Lastpass is that it is available anywhere I am so I find myself using it a lot more, and I feel this makes it more secure.

      • Philharmania
        February 23, 2011 at 6:11 am

        I use Keepass+TrueCrypt+Dropbox combination. It's just that you have to manually trigger the sync of the TrueCrypt container every time you make some changes.

  21. Peter Opstrup Olesen
    February 7, 2011 at 10:12 pm

    What happens when LastPass.com is down? Can I still login?

    Yes, if you're using the plug-ins. When you login to the Internet Explorer, Firefox, Google Chrome, Safari, or Opera plug-in, LastPass downloads and stores your encrypted data. If we're offline you're still able to login in offline mode, but you'll be unable to add or change sites while LastPass is off the air. You still will be able to export your accounts if you're running the plug-in. We have 2 data centers and a lot of experience running web applications so this should be a rare occurrence.

  22. MediaMaestro57
    February 7, 2011 at 7:54 pm

    I use both 1Password and LastPass. Both great products.

  23. Mathies
    February 7, 2011 at 9:19 pm

    Storing passwords online seems to be a bad idea to me. If you have your stuff on an USB stick it can get lost or stolen, but properly encrypted nobody can hack it.
    With online storage you don't know whom you are trusting and how safe the whole thing really is.

  24. TRY
    February 7, 2011 at 7:02 pm

    LastPass for online storage and Sticky Password for resident.

  25. Anonymous
    February 7, 2011 at 6:44 pm

    Lastpass is great. I paid the nominal fee for the premium service to have easy access via mobile, etc.

    I'm very happy with the product.

    • Dave Drager
      February 12, 2011 at 10:50 pm

      Yeah, I've been very happy with LastPass as well. Awesome product.

  26. andy
    February 7, 2011 at 6:14 pm

    And what about SplahID and when combined with Dropbox you can synch among multiple computer and it's completely seamless.

  27. Garrett
    February 7, 2011 at 6:02 pm

    What about Passpack?

    • Dave Drager
      February 12, 2011 at 10:48 pm

      Nice, hadn't heard of that one before. For anyone else wanting to check it out, it is over at http://www.passpack.com/en/home/

      • Garrett
        February 24, 2011 at 12:14 am

        Really? I've been using it for about 2 years now!

  28. kghbiz
    February 7, 2011 at 7:44 pm

    Lastpass is great. I paid the nominal fee for the premium service to have easy access via mobile, etc.

    I'm very happy with the product.

Leave a Reply

Your email address will not be published. Required fields are marked *