Although there are a variety of dedicated password management tools, every modern browser has its own built-in password manager. But just how good are the built-in password managers? We’ll look at how each popular browser’s password manager compares when it comes to convenience, security, sync features, and supported devices and operating systems.
Dedicated password managers still have some advantages, so we’ll cover how you can get a better password manager no matter which browser you’re already using. You don’t have to switch browsers to get the best password managers — they’re available to users of every browser.
How It Works: When you enter a password on a website, Firefox will ask if you want it to remember your password. If you choose to save your password, it will save the password on your computer. When you visit the website again, Firefox will automatically fill in your saved password. You can also view your saved passwords from Firefox’s options window.
Convenience: Firefox’s password manager is a convenient way to save time if you don’t mind saving your passwords in it. All you have to do is click the Remember Password button when logging into a website and your password will be automatically filled in the future — no need for additional clicks.
Security: Firefox saves these passwords in an insecure form on your computer by default. However, Firefox allows you to enable a “master password” in its options window. Your saved passwords will be encrypted with your master password and you’ll need to enter it before using your password manager. This means people won’t be able to snoop on your passwords by getting access to your computer — assuming you don’t leave Firefox open. There are also extensions that add a timeout, automatically re-locking your password database after a set period of time.
Sync Features: Firefox can sync your passwords through Firefox Sync. Like other browser data, your passwords are encrypted before syncing so they should be secure. This allows you to have your passwords backed up online and keep them in sync between your different computers.
Supported Devices for Sync: Firefox Sync allows you to sync passwords with Firefox for Windows, Mac, Linux, and Android. Firefox no longer offers the Firefox Home app for iOS, so you can’t access your synced passwords on iPhone, iPad, or even other devices like Windows Phone and BlackBerry. If you want to sync your Firefox passwords to your phone or tablet, you’ll need an Android phone or tablet.
In Summary: Firefox offers the most secure browser password manager because of its master password feature. The password manager is convenient assuming you use Firefox on a PC or Android device, but you can’t access your Firefox passwords on iOS and other mobile operating systems.
How It Works: Visit a website and enter a password. When you log in, Chrome will offer to save the password in its password manager. If you do opt to save the password, Chrome will automatically enter it the next time you visit the site. You can also view a list of your saved passwords from Chrome’s settings page.
Convenience: Chrome’s password manager is just as convenient as Firefox’s, offering the same interface — one click to save, no additional clicks to automatically fill login information.
Security: Chrome essentially encrypts your saved passwords with your Windows user account password. Anyone with access to your Windows user account can view your passwords. Firefox offers a master password to encrypt your passwords, but Chrome doesn’t. As long as you use a strong Windows user account password and don’t set your computer to automatically log in, your passwords will remain secure. Google says a master password provides a false sense of security, but it covers more use cases — if you use an obvious Windows password, share a user account, or set your computer to automatically log in, Firefox’s master password would protect you but Chrome wouldn’t. By having Firefox automatically lock the password database after a timeout, you can also limit the amount of time someone would be able to access your passwords.
Sync Features: Chrome can sync your passwords and other browser data with Chrome Sync. Synced passwords are always encrypted on Google’s servers, either with your Google account password or another passphrase of your choosing.
Supported Devices for Sync: Chrome allows you to sync passwords to Chrome browsers on Windows desktop, Windows 8, Mac, Linux, Chrome OS, Android, and iOS. Chrome offers more sync options, with the most important feature being the Chrome app for iPhone and iPad that allows users of Apple’s mobile devices to access their passwords.
In Summary: Chrome offers the widest array of sync options so you can access your passwords almost anywhere. Google disagrees with Mozilla about the necessity of a master password, and if you kept your computer completely secure your Chrome passwords would be okay. For the average user, Firefox’s master password system is probably more secure.
How It Works: Enter your password on a website and Internet Explorer will offer to save it. The next time you visit a website, you’ll have to click the username box and select your saved username from a list — Internet Explorer won’t automatically fill in your login information until you do. Internet Explorer also doesn’t allow you to view your saved passwords without using a third-party tool, like IE PassView.
Convenience: Saving passwords in IE is simple, but IE doesn’t automatically fill your login information. If you do want to view your saved passwords, you need a third-party tool, which is much more inconvenient.
Security: Like Chrome, Internet Explorer essentially encrypts your saved passwords with your Windows user account password. Any program running as the current user account can view your saved passwords, but no one can view your passwords if you’re logged out — not unless they can figure out your Windows password. As IE is using the same encryption method as Chrome, Firefox will likely be more secure for the average person with its master password — just as it’s more secure than Chrome.
Sync Features: Windows 8 syncs Internet Explorer passwords and other browser data. Windows 7 and previous versions of Windows can’t sync IE passwords.
Supported Devices for Sync: Your Internet Explorer passwords are synced between PCs running Windows 8. They’re not accessible on previous versions of Windows or even Windows Phone devices. They’re obviously not accessible on devices running competing operating systems.
In Summary: Internet Explorer has the worst password manager, with the most inconvenient password-filling method, no built-in way of viewing saved passwords, and no way to sync your saved passwords except between Windows 8 PCs. If you use IE anyway and just want something to save you time, it’s better than nothing — but we don’t recommend using IE’s password sync features.
Which is the Best?
So which one should you choose? Well, that depends on what’s important to you and which browser you already use:
- If You’re Particularly Worried About Securing Your Passwords: Use Firefox’s built-in password manager. In practice, it will be more secure against malware and protect you from other people snooping around while using your computer if you share a Windows user account.
- If You Want to Sync With Your iPhone or iPad: Use Chrome’s password manager, which is good enough if you use a secure Windows password and proper security practices.
- If You Just Want to Save Time and Already Have a Preferred Browser: Use whatever password manager is built into your web browser to save passwords and save yourself time in the future. You may want to avoid saving important passwords like your online banking passwords if you use Firefox or IE and other people use your computer with the same user account.
To simplify things, Chrome is the winner when it comes to syncing between different devices while Firefox is the winner when it comes to securing your passwords in the real world.
However, the best password managers of all aren’t built into browsers. Browser password managers are okay for saving time, but they’re not the ideal solution if you want a single program to securely manage all your passwords.
A dedicated password manager like LastPass or KeePass can automatically generate random passwords for you, save passwords and secure notes for things that aren’t website logins, and sync to a wide variety of different devices. They can incorporate advanced features like the LastPass security challenge, which scans your passwords and lets you know which ones are reused or too insecure, recommending which ones to change for maximum security. They also allow you to lock your passwords with a Firefox-like master password, but you could also further secure them with two-factor authentication.
If you want to go all-in and use a password manager to simplify your life, you’re better off going with a dedicated password manager like LastPass or KeePass. As another benefit, they aren’t linked to a single browser, so you could use the same passwords in Safari on Mac, Internet Explorer on Windows, Chrome on Linux, and access them in dedicated apps for a variety of platforms from Android and iOS to Windows Phone and BlackBerry. Read our password management guide for a thorough introduction.
Which password manager do you use? Do you use a browser’s built-in password manager? Leave a comment and let us know!