Choose the right password manager to protect your accounts
Here’s the contradiction: you need secure, unique and hard-to-remember passwords to protect your online (and offline) accounts from being hacked. However, remembering those secure, unique and hard-to-remember passwords is another matter entirely. Thankfully there is a solution, and it’s called a password manager.
There are dozens of password managers to choose from, but in this guide we’ll showcase four of the better ones, ensuring that you set safe, secure passwords without having to worry about remembering them.
Most password managers work like this: you set up an encrypted file, or vault, into which all of your unique passwords are stored. This vault is “locked” with a master password, so as long as you can remember that, you’ll always be able to access your other passwords.
Of course, a master password can be guessed, so the better password managers go further. Open-source favorite KeePass allows you to create special key files, which need to be provided with the password when unlocking the vault. You can also lock files to the current Windows user account and even use a special USB drive called a YubiKey to provide another level of authentication.
Speaking of providing secondary hardware devices to provide extra protection for your passwords, Sticky Password Free allows you to add any USB or Bluetooth device as a secondary form of authentication, thus increasing your vault’s security that little bit further.
Sticky Password also ships with browser plug-ins, so it can automatically fill web login pages as you visit them (KeePass requires you to drag-and-drop or use hotkey triggers). But the Free version is limited to just 15 passwords -- for full functionality you have to pay $29.99 for the full version.
One worry with offline password managers is what happens if your encrypted vault is corrupt? Obviously you can manually backup your files, but 1Password for Windows and 1Password for Macboth let you sync your encrypted database to Dropbox for protection against data loss. Note both are trial versions only -- the full version costs $49.99 per license.
Another way to avoid this potential calamity is to entrust your passwords (encrypted, of course) to the cloud, and if you’re happy to do so then take a look at cross-platform beauty LastPass, which works seamlessly across most major browsers, and also allows you to store other confidential information online too. It’s free, although you’ll need to purchase a Premium subscription if you’d like to be able to sync passwords with your mobile devices. or add support for YubiKey authentication.
LastPass can also detect when you’re signing up for a new site and offer to quickly generate a secure password for you – something the other tools also offer, but LastPass makes the process effortless.
LastPass also offers to review your existing passwords, alerting you to any insecure ones you can then quickly make secure with its help.
Ultimately which password manager you go for depends on your individual needs: Sticky Password offers the best blend of features and security for both online and offline use, but there’s a price tag attached. If you’re happy to store your passwords in the cloud, then LastPass wins for its ease of use, but for a portable, offline solution that won’t cost you a bean, KeePass is well worth considering.
KeePass 2.21 and KeePass Portable 2.21 are both available as free, open-source downloads for Windows (other platforms are also available). Sticky Password Free 126.96.36.1999 is available as a function-limited free download for Windows, while LastPass 2.0.20 is available as a freeware download for Windows, Mac and Linux. Also available are LastPass for Windows 8, LastPass for Android and LastPass Tab Browser for iOS.