Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

4/30/2013
12:48 PM
Dino Londis
Dino Londis
Slideshows
100%
0%

10 Top Password Managers

Tired of being stuck in password hell? Consider these password managers that balance security with convenience.
Previous
2 of 11
Next


LastPass is often the first name mentioned when people discuss password managers. Founded in April 2008, when the major contenders in end-user password management were RoboForm, 1Password and KeePass, LastPass works on virtually every operating system. On the desktop, it installs on the browser as an extension, so you might need to provide explicit permission to let it run.

LastPass automatically fills out forms, allows for import and export, and permits sharing of passwords through the Internet (a better alternative than using plain text email, which is insecure). It also lets you create and keep simple notes, generate complex passwords, and create a USB key using Google Authenticator Support.

The premium version of LastPass costs $12 a year, which buys you mobile support even for WebOS. You also get multi-factor authentication via YubiKey, which you use like a USB thumb drive. LastPass also offers a credit monitoring service that will send email alerts when your credit report is modified.

Finally, LastPass for Android has a custom input method that automatically fills in your username and password when you log into apps such as Facebook.

Price: Free for desktop, $12/year for mobile

RECOMMENDED READING:

Twitter Two-Factor Authentication: Too Little, Too Late?

Want Stronger Passwords? Try Bad Grammar

6 Password Security Essentials For Developers

5 Ways To Solve The Password Reset Problem

8 Ways To Avoid Getting Your Life Hacked

7 Tips To Toughen Passwords

Previous
2 of 11
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Page 1 / 5   >   >>
ms70_300
50%
50%
ms70_300,
User Rank: Apprentice
8/16/2017 | 11:57:59 AM
Do you have any updates?
I've been looking for password managers for Windows 10 and come across a few including new ones like #1 Password Manager (https://www.microsoft.com/store/apps/9n0cqdt7zwqv)

Does it look good to you?

Thank you
Ray James
50%
50%
Ray James,
User Rank: Apprentice
11/2/2015 | 9:24:38 AM
Thank you
Thank you for suggesting these top 10 password managers, it's always interesting to see what is available on the market and comparing this to what I use. Password management and security is such a complex issue and needs a critical approach. I've been using Nervepoint Access Manager which is brilliant, and recently they launched single sign on via their partner Hypersocket. I have been using this combined, a password reset service with single sign on. Definitely worth a try. 
Andre RobertoD871
50%
50%
Andre RobertoD871,
User Rank: Apprentice
7/16/2015 | 7:57:21 PM
A different approach to a Password Manager
Hi guys, there is a password manager called Ninja Password (ninjapassword.com) that is very different from everything else out there because it actually does not store your passwords anywhere. What it does instead is generate your password on the fly whenever you need it based on an hashing algorithm that takes into account the the websites domain, a personal PIN number and a random user ID that it generates. If you use that same user ID in other devices it will sync your settings and list of websites for you, which in handy these days. The catch is that you cannot choose your own password but stick with the one it generates for you. You can setup the strength of your password (length, use of special chars, etc.), but that's it. Now, the most awesome thing about it is that it has no registration, no e-mails, no names, no addresses, no credit cards, nothing. It is completely private.
HonzaD206
50%
50%
HonzaD206,
User Rank: Apprentice
1/7/2015 | 4:16:03 PM
Enterprise password manager
All of those are personal password managers, but what if you need to securely share passwords with somebody else?? Within the team?? Try Vaultier.org. It is server based encrypted storage. BTW... there is free community version available.
SirDude
50%
50%
SirDude,
User Rank: Apprentice
8/31/2014 | 4:18:29 PM
sumbled upon...
Using Stumble upon I found this article... right after I found Password Locker @  pwlocker[dot]com

hit the back button to share. Trying it now, seems like it's missing some mobile functionality, but they're updating it all the time. I found their twitter handle @pwlocker and follow it for updates.

Going to give it 10 days or so as the password lists and funcitonality is pretty cool, but may close it out after that if I don't see some improvements with the mobile stuff (works well on smartphones, i'd just like to see some remembering of whom I am - have to repeat logging in over and over - although it's intergrated with Facebook, so i just log in with my FB credentials).

my 2 cents.
Jones201411
100%
0%
Jones201411,
User Rank: Apprentice
6/21/2014 | 10:59:08 PM
Recommended password manager
If you are looking for a password manager that works everywhere without installation, try "Intuitive Password" password manager. I use it all the time.
anon0241197450
50%
50%
anon0241197450,
User Rank: Apprentice
6/20/2014 | 10:35:40 AM
re: 10 Top Password Managers
I agree with you @juergenvogel19. Everybody has their own "fav password manager". For me, it will always be Password Depot. It is one of the best password managers out there. It provides best security features at an affordable cost Apart from that, it also provides other options to manage my personal data such as credit card, debit card, TAN lists etc.,. I think this piece of software deserves to be on the best password managers list. 
Markus5
50%
50%
Markus5,
User Rank: Strategist
5/12/2014 | 5:09:55 AM
Re: Password Manager & Safe
Yes, I miss Sticky Password too in this comparison. I use them for many years.
steve82
100%
0%
steve82,
User Rank: Apprentice
5/8/2014 | 1:07:09 AM
Try "Intuitive Password" online password manager
You may try an alternative online password manager "Intuitive Password". It securely stores your passwords in the cloud, and be able to access/view them on all devices. It's free and you don't need to install any plugin to use it.
sohern
100%
0%
sohern,
User Rank: Apprentice
4/20/2014 | 11:04:06 PM
re: 10 Top Password Managers
Keyfob is another great password manager that deserves to be on this list. They have apps for Windows desktop and Windows Phone 8. They also have a web app at keyfobapp.com in case you are away from your phone and computer. It's great for storing not only passwords, but any type of sensitive information, including security questions for websites, PIN numbers, etc. There is also a password generator to help you create strong passwords for your accounts. The desktop version does password auto-fill, which is a huge timesaver.
Page 1 / 5   >   >>
Exploits Released for As-Yet Unpatched Critical Citrix Flaw
Jai Vijayan, Contributing Writer,  1/13/2020
Microsoft to Officially End Support for Windows 7, Server 2008
Kelly Sheridan, Staff Editor, Dark Reading,  1/13/2020
Active Directory Needs an Update: Here's Why
Raz Rafaeli, CEO and Co-Founder at Secret Double Octopus,  1/16/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
The Year in Security: 2019
This Tech Digest provides a wrap up and overview of the year's top cybersecurity news stories. It was a year of new twists on old threats, with fears of another WannaCry-type worm and of a possible botnet army of Wi-Fi routers. But 2019 also underscored the risk of firmware and trusted security tools harboring dangerous holes that cybercriminals and nation-state hackers could readily abuse. Read more.
Flash Poll
[Just Released] How Enterprises are Attacking the Cybersecurity Problem
[Just Released] How Enterprises are Attacking the Cybersecurity Problem
Organizations have invested in a sweeping array of security technologies to address challenges associated with the growing number of cybersecurity attacks. However, the complexity involved in managing these technologies is emerging as a major problem. Read this report to find out what your peers biggest security challenges are and the technologies they are using to address them.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-15625
PUBLISHED: 2020-01-18
A memory usage vulnerability exists in Trend Micro Password Manager 3.8 that could allow an attacker with access and permissions to the victim's memory processes to extract sensitive information.
CVE-2019-19696
PUBLISHED: 2020-01-18
A RootCA vulnerability found in Trend Micro Password Manager for Windows and macOS exists where the localhost.key of RootCA.crt might be improperly accessed by an unauthorized party and could be used to create malicious self-signed SSL certificates, allowing an attacker to misdirect a user to phishi...
CVE-2019-19697
PUBLISHED: 2020-01-18
An arbitrary code execution vulnerability exists in the Trend Micro Security 2019 (v15) consumer family of products which could allow an attacker to gain elevated privileges and tamper with protected services by disabling or otherwise preventing them to start. An attacker must already have administr...
CVE-2019-20357
PUBLISHED: 2020-01-18
A Persistent Arbitrary Code Execution vulnerability exists in the Trend Micro Security 2020 (v160 and 2019 (v15) consumer familiy of products which could potentially allow an attacker the ability to create a malicious program to escalate privileges and attain persistence on a vulnerable system.
CVE-2020-7222
PUBLISHED: 2020-01-18
An issue was discovered in Amcrest Web Server 2.520.AC00.18.R 2017-06-29 WEB 3.2.1.453504. The login page responds with JavaScript when one tries to authenticate. An attacker who changes the result parameter (to true) in this JavaScript code can bypass authentication and achieve limited privileges (...