It's all too easy to be careless when choosing a new password. You want your data protected and personal information secure, so when it comes to choosing a password to guard it all, it's risky to rely on weak passwords like a family member's name and a simple numerical sequence like 1234. While the laziness is understandable, it's dangerous. The people looking to steal your information are pros at password cracking, so you need to be just as diligent in defending your accounts.
Unless you want to constantly safeguard a hard copy list of all your passwords, you might want to consider a. It can help you seamlessly oversee and handle all of your login credentials for any online account, and maintain airtight password security. They're also handy when it comes to autofiling forms and syncing your data across Windows PCs and Macs, , , and more.
A password manager is essentially an encrypted digital vault that stores secure password login information you use to access apps and accounts on your mobile device, websites and other services. In addition to keeping your identity, credentials and sensitive data safe, the best password managers also have a password generator to create strong, unique passwords and ensure you aren't using the same password in multiple places (password generation really comes in clutch when you can't come up with yet another unique password on the fly for the latest must-have iOS app). With all the recent news of security breaches and identity theft, having a unique password for each location can go a long way to ensuring that if one site gets hacked, your stolen password can't be used on other sites. You're basically using multiple passwords to create your own security features.
Plus, with a manager, you don't have to remember the various pieces of login information, such as shipping addresses and credit card information. With just one master password, or in some cases a PIN or your fingerprint, you can autofill a form or password field. Some also feature online storage and an encrypted vault for storing documents.
All our best password manager picks come in free versions, which typically let you securely store passwords for one device -- although our pick for the best free manager can currently be used for syncing across multiple devices -- and all handle hardware authentication through YubiKey. Our best password security manager picks also feature subscription options that let you sync your secure password login information across devices, share credentials with trusted family and friends, and get access to secure online storage. And if transparency is important to you, several of our picks are open-source projects. We also look at what a password manager is, its security features and the basics of how to use one.
Note that these password manager services are independently chosen by our editors. We'll be updating this story periodically as new options become available. In light of our top choice's recent pricing change, we may be reconsidering the order in the near future, and will update this story accordingly.
- Open-source, secure and transparent
- Free version can be used across unlimited devices
- Premium subscriptions start at $10 per year
- Works with: Windows, MacOS, Linux, Android, iPhone and iPad. Browser extensions for Chrome, Firefox, Safari, Edge, Opera, Vivaldi, Brave and Tor.
Bitwarden leads the list of the best password managers for 2022 thanks to both its open-source roots and its unbeatable -- and unlimited -- free version. This lean encryption software can generate, store and automatically fill your passwords across all of your devices and popular browsers -- including Brave and Tor -- with competitive security strength.
Its free version lacks some of the bells and whistles of our other picks, but its premium versions are just as feature-rich. Just like its closest competitors, a Bitwarden premium subscription allows you to share passwords, logins, memberships and other items with trusted family and friends, use multifactor authentication through YubiKey and get 1 gigabyte of encrypted storage. Although it has fewer features than the premium version, Bitwarden's free version also offers a one-to-one texting feature called Bitwarden Send which allows you to securely share login information with another person.
If you're looking for a user-friendly free service with an excellent security reputation for password management, it's hard to pass up Bitwarden, which made it into CNET's Cheapskate Hall of Fame as the best free password manager. Plus it has a password sharing feature so you can share all your login info with another person. For $10 a year, you can add 1GB of encrypted file storage. And for $40, you can opt for the Families Organization plan, which allows for 6 individual accounts with unlimited sharing between them. Both subscription tiers come with a 30-day money back guarantee.
- Offers free version
- Base price beyond free: $36 per year
- Works with: Windows, MacOS, Linux, Android, iPhone and iPad. Browser extensions for Chrome, Firefox, Safari, Internet Explorer, Edge and Opera.
The free version of LastPass once made it stand out as the best password manager in this category by giving you the ability to store passwords, user login info and credentials and sync all of it wherever you want across both your mobile devices or your browsers. And while you can currently view and manage passwords across mobile and desktop devices, as of last March, you'll have to choose to use the free version for either mobile or desktop.
That means if you choose mobile, you'll be able to access your LastPass account across your phones, tablets or smartwatches, but not on your laptop or desktop app -- unless you upgrade to Premium, for $36 a year, or Families, for $48 a year.
The Premium version of the password manager also allows you to share passwords, logins, memberships and other items with trusted family and friends, use multifactor authentication through YubiKey and get 1 gigabyte of encrypted storage. Meanwhile, the Families plan gives you six individual accounts, shared folders and a dashboard for managing the family accounts and keeping an eye on your account's security.
No, LastPass isn't flawless: A vulnerability privately reported in September 2019 was a scary flaw that could potentially compromise passwords. But the company patched it before it was known to be exploited in the wild. It was one of several vulnerabilities that have been discovered in LastPass over the years.
More recently, however, privacy and security concerns emerged around LastPass' Android app when a privacy advocacy project discovered seven web trackers within the mobile app.
In light of these concerns and LastPass' new restrictions on its free-tier service, we're reevaluating LastPass' rank in our list of top password managers.
- Offers trial version
- Base price: $35.88 per year
- Works with: Windows, MacOS, Linux, Chrome OS, Android, iPhone and iPad. Browser extensions for Chrome, Firefox, Safari, Edge and Opera.
If you're looking for a trusted password manager app to keep your login information private and secure, 1Password is the best password manager for the task, letting you access your accounts and services with one master password. It's available for all major device platforms.
This nicely designed password manager lacks a free version, but you can check it out for 14 days before signing up. (Alas, that's down from the earlier 30-day trial period.) An individual subscription runs $36 a year and comes with 1GB of document storage and optional two-factor authentication through Yubikey for additional security. A travel mode lets you remove your 1Password sensitive data from your device when you travel and then restore it with one easy click when you return, so that it's not vulnerable to border checks.
Biometric authentication can be used to access your password vault on Mac and iOS operating systems, you can use Touch ID to unlock 1Password, and on iOS devices you can use Face ID as well. For $60 a year, you can cover a family of five and access password sharing, credit card information and anything else among the group with a single password manager app. Each person gets their own password vault, and it's easy to control who you share information with and what they can do with it.
You can also create separate guest accounts for password sharing to share Wi-Fi connection passwords, for example, or home alarm codes with guests.
Other free and paid options worth considering
Bitwarden, LastPass and 1Password are solid, affordable (or free) password keepers, and in a straw poll of CNET staffers, they were about neck-and-neck in use. But if you find none of our three recommended password managers works quite how you want, a handful of other apps are worth considering. These all have free versions available.
- Offers limited free version (50 passwords on one device)
- Base price beyond free: $59.99 per year
- Works with: Windows, MacOS, Android, iPhone and iPad. Browser extensions for Chrome, Firefox, Safari, Internet Explorer, Edge and Opera.
Dashlane provides a simple and secure way to manage your passwords and keep other login information stored. Just for managing passwords, we like it as much as our picks, but the free Dashlane app limits you to one device and 50 passwords. The $60 Premium subscription is similar to plans from 1Password and LastPass. The $90 Family subscription allows for up to 6 individual accounts.
- Offers limited free version (unlimited passwords on one device)
- Base price beyond free: $35
- Works with: Windows, MacOS, Linux, Android, iPhone and iPad. Browser extensions for Chrome, Firefox, Safari, Internet Explorer, Edge and Opera.
Keeper is another secure password manager that helps you manage login info on Windows, MacOS, Android and iOS devices. A free version gives you unlimited password storage on one device. The step-up version costs $35 a year and lets you sync passwords across multiple device options. For around $59 a year, you can also get 10GB of secure file storage and dark web monitoring.
- It's free
- Donations accepted
- Works with: Windows, MacOS, Linux, Chrome OS, Android, iPhone and iPad, BlackBerry, Windows Phone and Palm OS. Access via the web plus popular browser extensions. (Except for the official Windows version, KeePass for other platforms are unofficial ports.)
KeePass, another open-source software password manager, started on Windows and has been ported using the same code base to other platforms, including MacOS, Android and iOS. On the plus side, it's totally free and endorsed by the Electronic Frontier Foundation. On the other hand, it's really for advanced users only: Its user interface takes a bit of fiddling to get all the independently built versions of KeePass to work together.
What about NordPass and Norton Password Manager?
There's been a shift in the market for VPN and antivirus software in recent months. Many of the companies behind these software packages are expanding them to become wider software suites. For instance: now offers NordPass, a dedicated password manager, and Norton now offers a Norton Password Manager as part of its antivirus and identity theft packages. We haven't specifically reviewed these password storage managers, if only because they don't yet appear to have a feature set or pricing option that beats any of our preferred options above. If and when that changes, we'll check them out in more detail.
Password manager basics
Still need more info on what password managers are, and why they're better than the alternatives? Read on.
How does a password manager work?
To get started, a password manager will record the username and password you use when you first sign in to a website or service. Then the next time you visit the website, it will autofill forms with your saved password login information. For those websites and services that don't allow automatic filling, a password manager lets you copy the password to paste into the password field.
If you're stuck picking a good password, a manager can generate a strong password for you and watch that you aren't. And if you use more than one device, you want a manager that is available across all your devices and browsers, so you can access your passwords and login information -- including credit-card and shipping information -- from anywhere through the manager app or its browser extension. Some provide secure storage so you can store other items too, such as documents or an electronic copy of your passport or will.
Take note: Many password managers keep the master password you use to unlock the manager locally and not on a remote server. Or if it's on a server, it's encrypted and not readable by the company.
This ensures your account stays secure in case of a data breach. It also means that if you forget your master password, there may not be a way to recover your account through the company. Because of that, a few password managers offer DIY kits to help you recover your account on your own. Worst-case scenario, you start over with a new password manager account and then reset and save passwords for all your accounts and apps.
What makes for a secure password?
When trying to avoid a weak password, a good password should be a long string of capital and lowercase letters, numbers, punctuation and other nonalphanumeric characters -- something that's difficult for others to guess, but a snap for a password manager to keep track of. And despite what you may have heard, once you select a good complex password or passphrase, you don't really need to change it periodically.
Can I use a web browser to manage my passwords and login information?
You can certainly use Chrome, Safari or Firefox to manage your passwords, addresses and other login data. You can even set up a master password to unlock your credentials within a browser. And while using an online browser's password tool is certainly better than not using a password keeper at all, you can't easily access your passwords and other login info outside of the browser or share login info with others you trust.
What about iCloud Keychain?
Through iCloud Keychain, you can access your Safari website usernames and passwords, credit card information and Wi-Fi network information from your Mac and iOS devices. This cloud storage option is great if you live in Apple's world. But if you venture outside the Apple operating system and have a Windows or Android device or use the Google Chrome or Firefox browser, iCloud Keychain comes up short.
David Gewirtz contributed to this story.