Risk
4/30/2013
12:48 PM
Dino Londis
Dino Londis
Slideshows
100%
0%

10 Top Password Managers

Tired of being stuck in password hell? Consider these password managers that balance security with convenience.
Previous
1 of 11
Next


In 2011, IBM predictedthat in five years we will not be using passwords to access secure resources such as ATMs and PCs. Instead of entering a PIN or typing a username and password into a PC, we will simply look into a camera or speak a name into a microphone, because our eyes and voices are unique, IBM says.

[Super-strong unique passwords are pointless! Join Dark Reading Radio on Wednesday, Sep. 17, 2014 at 1 p.m. ET for a grown-up conversation about passwords with Cormac Herley of Microsoft Research.]

Biometric recognition replaces the entry point for what password managers are already doing today. Companies such as RoboForm and LastPass provide a platform that requires only one complex password to access your secure websites, credit card information and even documents that you keep inside an encrypted database. Depending on the platform, the database could be stored locally, on the company's servers or even in Dropbox.

Some password managers use browser extensions that keep your data in a local profile, syncing with a cloud server. Because the data is encrypted and transferred through a secure connection, you can be reasonably confident that your data is safe.

Other password managers keep your data on a thumb drive you carry around from computer to computer. With this approach you always know where your data is -- as long as you don't leave it in a PC and walk away.

Some products are free and charge for a mobile premium; others are subscription-based or charge single flat fee. One product, Dashlane, rewards you when you use its service by awarding points you can use to earn discounts on future purchases.

Some password managers offer two-factor authentication, requiring a smartcard as well as your password to log in. With this type of two-factor authentication, even if your password is decrypted, hackers still can't access your account -- but neither can you, if you don't have your smartcard. That's why this type of authentication is usually offered as an option; most customers prefer a less-strict password management service.

All password managers do have one thing in common: They require you to remember one complex password. But complex should not mean hard to remember; it could be a sentence, for example. If you forget your master password, after all, you can't access your data -- and since the company that developed your password manager doesn't have it, you'll have to reset all your passwords and start over.

Password managers also generate complex passwords, provide import and export tools, allow for simple notes and automatically complete online forms for more efficient online checkout. Here are 10 password manager tools worth considering.

Previous
1 of 11
Next
Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
Buster57
50%
50%
Buster57,
User Rank: Apprentice
5/1/2013 | 5:49:28 PM
re: 10 Top Password Managers
Keepass is easily the best password manager...and it's free!
ctcusick
50%
50%
ctcusick,
User Rank: Apprentice
5/1/2013 | 7:05:41 PM
re: 10 Top Password Managers
Yup, Keepass is the best. I knew of someone who once loaded his entire company's keepass database into a cloud service so he could access passwords remotely. What an amazing idiot. Cloud services are NOT secure. DO NOT sacrifice your computing security, your privacy and liberty, for the latest new wiz-bang technology gizmo or feature.

Did you know that most news website's 'comments' sections obtain one's Contact list (depending on if you log in with an integrated account from facebook, windows live, google, or similar)?

Why would you want corporations and others to know who you know, all so you can use a technology feature (in this example, leaving a comment on a website, such as a foxnewsdotcom online article, or similar)??
kdillon148
50%
50%
kdillon148,
User Rank: Apprentice
9/12/2013 | 7:47:56 AM
re: 10 Top Password Managers
Yeah, why give these marketing gurus all of our private and business contact lists, just for a lousy chance to post a comment. Uh-Oh did I sign onto InformationWeek giving InfoWeek my info???
ctcusick
50%
50%
ctcusick,
User Rank: Apprentice
9/12/2013 | 4:09:15 PM
re: 10 Top Password Managers
Ya you did! (err, me too)

Like most of us, our contacts were unknowingly taken from us by many other cloud services and online offerings years ago.

I rarely see a 'Submit' button anymore, it's been made unscrupulously the 'Post' button or similar, but that's what we are doing, submitting. We submit to our greedy masters while making ourselves subservient. We get neither liberty or security. Have you seen the movie "Terms and Conditions May Apply"?

http://www.youtube.com/watch?v...
JM
50%
50%
JM,
User Rank: Apprentice
5/1/2013 | 7:26:06 PM
re: 10 Top Password Managers
I have used KeePass for years and consider it the best of the lot for several reasons.

1. You make it sound like open source is bad. In fact, it is extremely valuable. The code in KeePass enjoys a level of inspection and verification beyond any closed source program.

2. It stores an indexed database, where each entry can have any number of user defined fields. For example, for an entry for a credit card, in addition to the normal username, password, and URL info, I can store named-fields for any other data I want to store. For example, a credit card number field, a CVC field, a date field, a Name-as-on-card field, a phone number to call if it's lost field, and fields for the special answers to questions the web site asks me when I log in. This capability makes all the difference. I refuse to use a data storage app that canGÇÖt do this. It makes the app broadly useful for all sorts of data and makes it a truly effective system for storing data you want to keep private. There is only one place I ever go to, KeePass.

3. It uses a double lock - a file with a tons of random bits, plus the password you type in. I physically copy that file to each of my computers and my phone, so it never touches the internet or any cloud storage. To break in, not only would someone have to guess the password I type in, they'd also need that file.

4. It gives me total control over my data. It stores the data locally, not on the cloud. But I can store it in a dropbox folder if I want to, making it available on the cloud. All my choice. I personnaly have mine on dropbox so that my phone, mac, and pcGÇÖs are all synchronized automatically.

5. It works across multiple platforms. I have it working on a MAC, several PC's, my Android phone, and a friend uses it on Linux.

6. Your sentence saying it is lightweight and going on to say what it doesnGÇÖt do makes it sound like a bad thing and that it is missing something. In fact, all the things you mention represent a fabulous feature! You can stick the entire tiny program on a memory stick and run it on a machine without having to "install it" It doesn't require mucking up the windows registry etc. I can run it on a friendGÇÖs computer and the computer is clean when I'm done.

7. The GÇ£AutoTypeGÇ¥ feature that fills in all the info required to log into a site works great. ItGÇÖs even programmable so that on complicated web sites that donGÇÖt use the standard username and password, but demand more things to be filled out, it can be easily programmed to do this job. ItGÇÖs simple enough, even my mother (in her 80GÇÖs) has used this with no help from me!

8. It's F R E E !
lspielman916
50%
50%
lspielman916,
User Rank: Apprentice
5/1/2013 | 7:57:34 PM
re: 10 Top Password Managers
I have been a RoboForm user for about 7 years. I LOVE IT! No, I do not work for the company. Am a paid subscriber. Couldn't live without it.

One thing that the article left off was that for at least the last year+ they store everything in the cloud! I have multiple computers and do a lot of global travel. As soon as I use one of my other computers/tablets/smartphones, after I sign in to RoboForm, ALL of my data is synchronized. Yes, I do use a double lock.
stevew928
50%
50%
stevew928,
User Rank: Apprentice
5/1/2013 | 8:18:56 PM
re: 10 Top Password Managers
I think you forgot one of the best and oldest, Password Wallet by Selznick. I've been using it since my Palm Pilot days. I think there is a version for just about every platform and it has quite a few sync options.
Mathew
50%
50%
Mathew,
User Rank: Apprentice
8/9/2013 | 10:58:54 AM
re: 10 Top Password Managers
I second Steve's Password Wallet shout-out. I've likewise been using it since the Palm days. Excellent software, works across desktops and mobile devices, has long done just what it advertises.
shawn
50%
50%
shawn,
User Rank: Apprentice
5/1/2013 | 10:15:18 PM
re: 10 Top Password Managers
I haven't been successful at finding a Password safe for multi-roles & multi-users :(
For example local admin password for PC is stored with Service Desk, Infrastructure & Apps Support roles all having access to the password. The SQL server's password is accessible to Infra & Apps but not SD. Citrix is only accessible to Infra....and the IT Manager has God-access to all.
Is there non-web-based software with these features out there??
RB
50%
50%
RB,
User Rank: Apprentice
5/2/2013 | 12:14:57 AM
re: 10 Top Password Managers
I don't understand why eWallet did not make your list. It has excellent support and runs on Windows, Mac OS, Android, IOS, Windows Phone and Blackberry. All data is DES encrypted. Syncing can be done via USB internal WIFI home network or via the cloud,
beergas
50%
50%
beergas,
User Rank: Apprentice
5/2/2013 | 1:31:05 AM
re: 10 Top Password Managers
LastPass still my fave. Works w/ most sites, free, unlimited. lots options. Win 8 x64 Pro in both modes.
anon0736263000
50%
50%
anon0736263000,
User Rank: Apprentice
8/31/2013 | 3:59:46 PM
re: 10 Top Password Managers
is it support cloud
SkyRanger
50%
50%
SkyRanger,
User Rank: Apprentice
5/2/2013 | 12:07:47 PM
re: 10 Top Password Managers
Keepass is a nice tool for the freebie seekers. However, it lacks in features compared to RoboForm. I couldn't be happier with my purchase. Great for PC's or thumb drive users. I use the thumb drive at work AND nothing is installed on the PC (leaves no trace). Feature rich: biometric fingerprint authentication, Microsoft document login, popup login, secure notes, secure contacts, etc.
~ I first encrypt the thumbdrive (password protected to unlock the drive). Once I launch the app from the thumbdrive (it integrates with Firefox, Chrome, Opera or Explorer), I have to enter a password one more time from the browser before it will allow me to use it. It can also timeout if you forget to retrieve it at the end of the day.
I also selected to sync the passwords using the online RoboForm server but you can just as easily make the default as the thumbdrive or the one installed at home on your browser.
Leo Regulus
50%
50%
Leo Regulus,
User Rank: Apprentice
5/2/2013 | 3:56:04 PM
re: 10 Top Password Managers
Really, really, really GROSS.

It is now the second quarter of the new year.

Information Week only had one important New Year's Resolution this year. '"No Slide Show Articles with out a prominent 'View-as-one-page' link." How's that working out for you so far?

On my side of the fence, as Client/customer, You aren't doing well at all. Nearly every issue, you violate me with one of your Slide Show articles.

Please, re-examine your priorities. You do know how to do it - 'View as Single Page' link. It just isn't that hard and speaks volumes about your respect and concern for your Client / Customers.

Also, when I have to skip articles, I do not get to see your advertisers' messages.
Laurianne
50%
50%
Laurianne,
User Rank: Apprentice
5/2/2013 | 6:31:46 PM
re: 10 Top Password Managers
Hi Leo. As Editor in Chief of InformationWeek, I work hard to please our readers. Right here, we are having a useful, critical discussion about password tools -- even getting additional ideas for readers, from readers. That is the sort of discussion I love to see.

I value honest feedback on what we are doing right and wrong, as well. Not sure what you are referencing re. New Year's resolutions -- mine involved exercise.

Many of our readers tell us they like apps/tools slideshows because they offer a convenient package of links along with guidance, in a digestible format. I am sorry you don't like slideshows, and to be honest, you're not alone. Some people do not care for the slideshow format. I can respect that. I don't like every dish at my favorite restaurant. I hope you will find other content that is appealing and valuable to you on our site.

Laurianne McLaughlin
InformationWeek
SkyRanger
50%
50%
SkyRanger,
User Rank: Apprentice
5/3/2013 | 12:25:04 PM
re: 10 Top Password Managers
Laurianne, InformationWeek rocks! Keep up the great work as you are very relevant for me (format and all) and one of my favorites websites worth visiting in my very busy life. Thanks, SkyRanger
Laurianne
50%
50%
Laurianne,
User Rank: Apprentice
5/3/2013 | 7:37:09 PM
re: 10 Top Password Managers
Thank you for chiming in! Laurianne
kdillon148
50%
50%
kdillon148,
User Rank: Apprentice
9/12/2013 | 7:50:27 AM
re: 10 Top Password Managers
Anything to make you happy Laurianne!
ctcusick
50%
50%
ctcusick,
User Rank: Apprentice
9/12/2013 | 4:13:24 PM
re: 10 Top Password Managers
You mean Master Laurianne.
pwndecaf
50%
50%
pwndecaf,
User Rank: Apprentice
5/6/2013 | 1:51:57 PM
re: 10 Top Password Managers
I'm sick of reading asinine complaints about slide shows whenever one is posted.
kdillon148
50%
50%
kdillon148,
User Rank: Apprentice
9/12/2013 | 7:51:50 AM
re: 10 Top Password Managers
And then there are those asinine complaints about the asinine complaints about slides shows. ;-}
Next...
devb23
50%
50%
devb23,
User Rank: Apprentice
7/1/2013 | 12:53:07 PM
re: 10 Top Password Managers
I highly recommend SplashId , because i have used it myself. Browser integration is fabulous. Also it is very easy to use. As soon as you create your account, you can actually set a pattern for splashid login, therefore you technically have to remember zero passwords. Extremely secure for USB usages as well. highly recommended.
ANON1242661523478
50%
50%
ANON1242661523478,
User Rank: Apprentice
7/2/2013 | 2:57:59 AM
re: 10 Top Password Managers
I've found Passpack (passpack.com) to be a great password manager for those business cases where you need to share passwords among certain individuals or groups of people.
kdillon148
50%
50%
kdillon148,
User Rank: Apprentice
9/12/2013 | 7:44:02 AM
re: 10 Top Password Managers
Why didn't I see Avast! Easy Pass listed? I have it and love it. I also use Avast! Internet Security. Of course I'm only running a small home network with 3 computers, and my X10 home security/surveillance system and in process automated household system.
Laurianne
50%
50%
Laurianne,
User Rank: Apprentice
9/12/2013 | 5:42:59 PM
re: 10 Top Password Managers
Thanks for the additional app ideas, all. We'll keep our eyes on doing a follow up. Let me know any other choices that should be considered.
juergenvogel19
50%
50%
juergenvogel19,
User Rank: Apprentice
3/27/2014 | 8:10:54 AM
re: 10 Top Password Managers
Password Depot deserves to be on top 10 list of password managers. I have been using it since a very long time now and it works great! I wonder why it was not included in this list. It provides so many features such as Security, Easy to Use, Easy to Understand, Clear Interface, Easy Pasword Generation, Facility to save personal Info, Super customer service, not only does it Import password list from other formats but also imports TAN lists...etc., I can go on and on about this tool because its a fantastic tool providing many features one can imagine. 

I think this link can explain much better about the features I mentioned above --> http://www.password-depot.com/overview.htm

 

 

 
anon0241197450
50%
50%
anon0241197450,
User Rank: Apprentice
6/20/2014 | 10:35:40 AM
re: 10 Top Password Managers
I agree with you @juergenvogel19. Everybody has their own "fav password manager". For me, it will always be Password Depot. It is one of the best password managers out there. It provides best security features at an affordable cost Apart from that, it also provides other options to manage my personal data such as credit card, debit card, TAN lists etc.,. I think this piece of software deserves to be on the best password managers list. 
TC
50%
50%
TC,
User Rank: Apprentice
9/19/2013 | 9:47:09 PM
re: 10 Top Password Managers
Tried several, but, have settled on 1Password. Works seamlessly on every platform I own.
ColinJS
50%
50%
ColinJS,
User Rank: Apprentice
10/5/2013 | 8:01:58 AM
re: 10 Top Password Managers
The description of SplashID safe is misleading as it confuses two different products. The basic SplashID safe requires no hardware and works in a similar way to the other products described. The image and description refer to SplashID Key Safe. Though the text does also mention mobile and desktop - where it does require installation.
SecurityManiacs
50%
50%
SecurityManiacs,
User Rank: Apprentice
11/28/2013 | 7:42:40 PM
Password Manager & Safe
I think, in article misses one interesting password manager - Sticky Password.


It is for PC and mobile too. (Google Play). On Google Play is free.
Markus5
50%
50%
Markus5,
User Rank: Strategist
5/12/2014 | 5:09:55 AM
Re: Password Manager & Safe
Yes, I miss Sticky Password too in this comparison. I use them for many years.
pepeleches69
50%
50%
pepeleches69,
User Rank: Apprentice
12/8/2013 | 5:23:00 AM
re: 10 Top Password Managers
PassVault is a easy and powerful app to manage password in a very reliable and secure way. Store in a cipher database all your passwords for Web, email, Social Media, Banking accounts, etc.
- All your data is fully encrypted with a strong, password-based, government-grade 256-bit AES cipher. This way your information is protected from unauthorized access by thieves, hackers and malware.
- FREE and without Ads.
- Backup your database to your favorite services (Google Drive, Dropbox, etc)

https://play.google.com/store/apps/details?id=com.singularapps.passvault&hl=es_419
yong926
100%
0%
yong926,
User Rank: Apprentice
12/18/2013 | 1:10:52 AM
re: 10 Top Password Managers
I want to recommend Efficient Password Manager which is freeware yet very powerful. You only need to remember one password from now on. You can see more info at: http://www.efficientsoftware.net/passwordmanager/
anon9786219702
50%
50%
anon9786219702,
User Rank: Apprentice
2/19/2014 | 1:28:52 AM
re: 10 Top Password Managers
Thanks for your recommendation, Efficient Password Manager is really an excellent program! You deserve to own! http://www.efficientsoftware.net/passwordmanager/
John2014
100%
0%
John2014,
User Rank: Apprentice
3/13/2014 | 10:15:40 PM
An alternative password manager
Try "Intuitive Password". It's a comprehensive online password manager that meets your needs. There is a free version available.
spazonymous
50%
50%
spazonymous,
User Rank: Apprentice
3/20/2014 | 2:06:02 AM
This article
LOL at the ELEVEN pages it took to write this article. You think I'm gonna click on 11 pages just to see a top 10 list of password managers? FFS, just put the article on ONE page. Won't be back.
sohern
100%
0%
sohern,
User Rank: Apprentice
4/20/2014 | 11:04:06 PM
re: 10 Top Password Managers
Keyfob is another great password manager that deserves to be on this list. They have apps for Windows desktop and Windows Phone 8. They also have a web app at keyfobapp.com in case you are away from your phone and computer. It's great for storing not only passwords, but any type of sensitive information, including security questions for websites, PIN numbers, etc. There is also a password generator to help you create strong passwords for your accounts. The desktop version does password auto-fill, which is a huge timesaver.
steve82
100%
0%
steve82,
User Rank: Apprentice
5/8/2014 | 1:07:09 AM
Try "Intuitive Password" online password manager
You may try an alternative online password manager "Intuitive Password". It securely stores your passwords in the cloud, and be able to access/view them on all devices. It's free and you don't need to install any plugin to use it.
Jones201411
100%
0%
Jones201411,
User Rank: Apprentice
6/21/2014 | 10:59:08 PM
Recommended password manager
If you are looking for a password manager that works everywhere without installation, try "Intuitive Password" password manager. I use it all the time.
SirDude
50%
50%
SirDude,
User Rank: Apprentice
8/31/2014 | 4:18:29 PM
sumbled upon...
Using Stumble upon I found this article... right after I found Password Locker @  pwlocker[dot]com

hit the back button to share. Trying it now, seems like it's missing some mobile functionality, but they're updating it all the time. I found their twitter handle @pwlocker and follow it for updates.

Going to give it 10 days or so as the password lists and funcitonality is pretty cool, but may close it out after that if I don't see some improvements with the mobile stuff (works well on smartphones, i'd just like to see some remembering of whom I am - have to repeat logging in over and over - although it's intergrated with Facebook, so i just log in with my FB credentials).

my 2 cents.
HonzaD206
50%
50%
HonzaD206,
User Rank: Apprentice
1/7/2015 | 4:16:03 PM
Enterprise password manager
All of those are personal password managers, but what if you need to securely share passwords with somebody else?? Within the team?? Try Vaultier.org. It is server based encrypted storage. BTW... there is free community version available.
Andre RobertoD871
50%
50%
Andre RobertoD871,
User Rank: Apprentice
7/16/2015 | 7:57:21 PM
A different approach to a Password Manager
Hi guys, there is a password manager called Ninja Password (ninjapassword.com) that is very different from everything else out there because it actually does not store your passwords anywhere. What it does instead is generate your password on the fly whenever you need it based on an hashing algorithm that takes into account the the websites domain, a personal PIN number and a random user ID that it generates. If you use that same user ID in other devices it will sync your settings and list of websites for you, which in handy these days. The catch is that you cannot choose your own password but stick with the one it generates for you. You can setup the strength of your password (length, use of special chars, etc.), but that's it. Now, the most awesome thing about it is that it has no registration, no e-mails, no names, no addresses, no credit cards, nothing. It is completely private.
Register for Dark Reading Newsletters
White Papers
Cartoon
Latest Comment: good one 
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2001-1594
Published: 2015-08-04
GE Healthcare eNTEGRA P&R has a password of (1) entegra for the entegra user, (2) passme for the super user of the Polestar/Polestar-i Starlink 4 upgrade, (3) 0 for the entegra user of the Codonics printer FTP service, (4) eNTEGRA for the eNTEGRA P&R user account, (5) insite for the WinVNC Login, an...

CVE-2002-2445
Published: 2015-08-04
GE Healthcare Millennium MG, NC, and MyoSIGHT has a default password of (1) root.genie for the root user, (2) "service." for the service user, (3) admin.genie for the admin user, (4) reboot for the reboot user, and (5) shutdown for the shutdwon user, which has unspecified impact and attack vectors.

CVE-2002-2446
Published: 2015-08-04
GE Healthcare Millennium MG, NC, and MyoSIGHT has a password of insite.genieacq for the insite account that cannot be changed without disabling product functionality for remote InSite support, which has unspecified impact and attack vectors.

CVE-2003-1603
Published: 2015-08-04
GE Healthcare Discovery VH has a default password of (1) interfile for the ftpclient user of the Interfile server or (2) "2" for the LOCAL user of the FTP server for the Codonics printer, which has unspecified impact and attack vectors.

CVE-2004-2777
Published: 2015-08-04
GE Healthcare Centricity Image Vault 3.x has a password of (1) gemnet for the administrator account, (2) webadmin for the webadmin administrator account of the ASACA DVD library, (3) an empty value for the gemsservice account of the Ultrasound Database, and possibly (4) gemnet2002 for the gemnet2002...

Dark Reading Radio
Archived Dark Reading Radio
What’s the future of the venerable firewall? We’ve invited two security industry leaders to make their case: Join us and bring your questions and opinions!