The best free password managers for security and convenience
It's tempting to reuse an old password, especially when the average person has 100 different accounts to secure, but it’s more dangerous than many realize. You wouldn’t make 100 copies of a skeleton key to your home, so why gamble with your network and sensitive data?
Adding a password manager to your arsenal of online tools is a great step in preventing unwanted infiltrations and keeping yourself safe on the web— and they’re easier to use than you think!
What is a password manager?
Password management programs create personalized databases of unique, randomly generated credentials to store and use at your convenience. They make it easy to protect a library of passwords behind one robust, intricate master password. Basically, it’s like locking all your keys in a vault that can only be opened by your palm.
Are password managers safe?
Password managers protect your data via zero-knowledge architecture, an encryption tactic deployed before passwords leave your device. By minimizing your server's ability to decipher each password, malicious web agents are unable to extract that information directly.
But password managers are only as secure as the WiFi network they are deployed on. Any vulnerable IoT device— even a thermostat, smart tv, or radio— could be infected with malware or hacked in a way that comprises your master password. We recommend taking the following steps to optimize your cybersecurity home defense:
- Evaluate your password strength and generate new credentials regularly.
- Deploy a reliable AI-driven firewall and cloud management software like Minim to secure your smart home devices.
- Copy and paste each password at login. Password managers have an auto-fill feature for specific URLs if you prefer, but that device will remember that password moving forward.
How do password managers work?
You may have noticed web browsers with built-in password saving capabilities and auto-fill features. These services can't remember passwords across mobile apps and other software, nor can they generate passwords on your behalf. Dedicated password management software, on the other hand, stores and fills credentials beyond the confines of a single browser.
Philosophies of password managers boil down to two schools of thought: local and cloud. Local managers store your password vault on your personal device's hard drive while cloud managers store them in a supervised web server. Cloud password managers have become much more popular as of late, and for good reason; they're convenient, encrypted, and your passwords won't disappear if your computer's hard drive kicks the bucket.
This doesn't mean local managers are a poor choice, but if you're going to use one, it'd be best to have some sort of backup. A storage device like an external hard drive that isn't a part of your network is preferable. Make sure to keep it in a safe location, out of reach of anyone that might abuse that information. Your browser's password management system may have the option to use local storage for passwords, including Chrome, as long as you turn off synchronization to your Google Account.
LastPass - Most Popular
Source: Lastpass.com landing page
LastPass is one of the few password managers that permits free password sharing, allowing you to give your bank account password to your spouse or your Netflix login to your sibling at no extra cost.
LastPass's free plan is more impressive than some of its competitors with two layers of multi-factor authentication and a password audit function that tells you if your passwords are less than impressive. Moreover, if you decide that a paid manager has the features you need, upgrading will be much easier than migrating to a new password manager.
It even has a notes feature for any other valuable information you'd like to keep away from prying eyes. LastPass advertises this as a place to keep "odds and ends" like membership numbers, a driver's license number, passports, or codes to important physical locks. Alternatively, you could just encrypt a note on your phone's general notes app, but it's still nice to have everything in one place.
MyKi - Most Unique
Source: MyKi.com app overview page
If you can't bring yourself to allow your passwords into the cloud, then MyKi may be the perfect solution for you. All of your passwords will be stored on your local devices and you won't even need to remember a master password, plus you can use biometric information like your fingerprint or Face ID to authenticate. Because of these types of features, some say this platform works best if you are primarily a mobile user.
The most intriguing feature of this manager is its ability to share a password without revealing it. It uses a particular public/private key encryption behind-the-scenes of the sharing process, and all you have to do is choose who you want to share the login info with. If at any point you change your mind, you can choose to revoke someone's access and MyKi will delete the encrypted password and log them out of the account.
One of the main anxieties of using a local password manager is the fear of data becoming lost or corrupt. MyKi anticipated this struggle, and the software created an automatic backup feature on every device in which it's installed. This means if one device becomes corrupted, you can use another device to recover your data. MyKi also allows users to generate manual backups notated with the .myki file extension, which you can store in any location you deem secure.
Bitwarden - Most Transparent
Source: Bitwarden.com product page
Last, but certainly not least, Bitwarden is an open-source password manager with a convenient browser extension that makes it easy to whip up an intricate password instantaneously. It includes granular options to adjust the password length, add mixed letter casing and numbers, and insert special characters to really lock things down.
The user interface on the browser extension is very easy to understand, with clearly labeled tabs for each section. There are also settings that allow you to customize the security of the interface itself with the ability to set a timeout and PIN to re-enter the program, enable two-factor authentication, and even import password data from your browser.
Additional features that Bitwarden provides include: customer service support for troubleshooting, event logs for activity tracking, and health reports to find vulnerabilities before anyone else does. Moreover, the entire code repository for each platform is available to browse and contribute improvements. This password manager will surely satisfy the tech savvy with the capability to self-host your password database on your own web server if you'd rather not leave the database with Bitwarden.
Ultimately, which password manager you choose will come down to your priorities. Whether it’s the trusted name of LastPass, the local control of MyKi, the candid transparence of Bitwarden, or even a characteristic from a password manager outside of this review, you should feel a sense of trust and security in your choice.