Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

4/30/2013
12:48 PM
Dino Londis
Dino Londis
Slideshows
100%
0%

10 Top Password Managers

Tired of being stuck in password hell? Consider these password managers that balance security with convenience.
Previous
2 of 11
Next


LastPass is often the first name mentioned when people discuss password managers. Founded in April 2008, when the major contenders in end-user password management were RoboForm, 1Password and KeePass, LastPass works on virtually every operating system. On the desktop, it installs on the browser as an extension, so you might need to provide explicit permission to let it run.

LastPass automatically fills out forms, allows for import and export, and permits sharing of passwords through the Internet (a better alternative than using plain text email, which is insecure). It also lets you create and keep simple notes, generate complex passwords, and create a USB key using Google Authenticator Support.

The premium version of LastPass costs $12 a year, which buys you mobile support even for WebOS. You also get multi-factor authentication via YubiKey, which you use like a USB thumb drive. LastPass also offers a credit monitoring service that will send email alerts when your credit report is modified.

Finally, LastPass for Android has a custom input method that automatically fills in your username and password when you log into apps such as Facebook.

Price: Free for desktop, $12/year for mobile

RECOMMENDED READING:

Twitter Two-Factor Authentication: Too Little, Too Late?

Want Stronger Passwords? Try Bad Grammar

6 Password Security Essentials For Developers

5 Ways To Solve The Password Reset Problem

8 Ways To Avoid Getting Your Life Hacked

7 Tips To Toughen Passwords

Previous
2 of 11
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
<<   <   Page 4 / 5   >   >>
pwndecaf
50%
50%
pwndecaf,
User Rank: Apprentice
5/6/2013 | 1:51:57 PM
re: 10 Top Password Managers
I'm sick of reading asinine complaints about slide shows whenever one is posted.
Laurianne
50%
50%
Laurianne,
User Rank: Apprentice
5/3/2013 | 7:37:09 PM
re: 10 Top Password Managers
Thank you for chiming in! Laurianne
SkyRanger
50%
50%
SkyRanger,
User Rank: Apprentice
5/3/2013 | 12:25:04 PM
re: 10 Top Password Managers
Laurianne, InformationWeek rocks! Keep up the great work as you are very relevant for me (format and all) and one of my favorites websites worth visiting in my very busy life. Thanks, SkyRanger
Laurianne
50%
50%
Laurianne,
User Rank: Apprentice
5/2/2013 | 6:31:46 PM
re: 10 Top Password Managers
Hi Leo. As Editor in Chief of InformationWeek, I work hard to please our readers. Right here, we are having a useful, critical discussion about password tools -- even getting additional ideas for readers, from readers. That is the sort of discussion I love to see.

I value honest feedback on what we are doing right and wrong, as well. Not sure what you are referencing re. New Year's resolutions -- mine involved exercise.

Many of our readers tell us they like apps/tools slideshows because they offer a convenient package of links along with guidance, in a digestible format. I am sorry you don't like slideshows, and to be honest, you're not alone. Some people do not care for the slideshow format. I can respect that. I don't like every dish at my favorite restaurant. I hope you will find other content that is appealing and valuable to you on our site.

Laurianne McLaughlin
InformationWeek
Leo Regulus
50%
50%
Leo Regulus,
User Rank: Apprentice
5/2/2013 | 3:56:04 PM
re: 10 Top Password Managers
Really, really, really GROSS.

It is now the second quarter of the new year.

Information Week only had one important New Year's Resolution this year. '"No Slide Show Articles with out a prominent 'View-as-one-page' link." How's that working out for you so far?

On my side of the fence, as Client/customer, You aren't doing well at all. Nearly every issue, you violate me with one of your Slide Show articles.

Please, re-examine your priorities. You do know how to do it - 'View as Single Page' link. It just isn't that hard and speaks volumes about your respect and concern for your Client / Customers.

Also, when I have to skip articles, I do not get to see your advertisers' messages.
SkyRanger
50%
50%
SkyRanger,
User Rank: Apprentice
5/2/2013 | 12:07:47 PM
re: 10 Top Password Managers
Keepass is a nice tool for the freebie seekers. However, it lacks in features compared to RoboForm. I couldn't be happier with my purchase. Great for PC's or thumb drive users. I use the thumb drive at work AND nothing is installed on the PC (leaves no trace). Feature rich: biometric fingerprint authentication, Microsoft document login, popup login, secure notes, secure contacts, etc.
~ I first encrypt the thumbdrive (password protected to unlock the drive). Once I launch the app from the thumbdrive (it integrates with Firefox, Chrome, Opera or Explorer), I have to enter a password one more time from the browser before it will allow me to use it. It can also timeout if you forget to retrieve it at the end of the day.
I also selected to sync the passwords using the online RoboForm server but you can just as easily make the default as the thumbdrive or the one installed at home on your browser.
beergas
50%
50%
beergas,
User Rank: Apprentice
5/2/2013 | 1:31:05 AM
re: 10 Top Password Managers
LastPass still my fave. Works w/ most sites, free, unlimited. lots options. Win 8 x64 Pro in both modes.
RB
50%
50%
RB,
User Rank: Apprentice
5/2/2013 | 12:14:57 AM
re: 10 Top Password Managers
I don't understand why eWallet did not make your list. It has excellent support and runs on Windows, Mac OS, Android, IOS, Windows Phone and Blackberry. All data is DES encrypted. Syncing can be done via USB internal WIFI home network or via the cloud,
ShawnHa
50%
50%
ShawnHa,
User Rank: Apprentice
5/1/2013 | 10:15:18 PM
re: 10 Top Password Managers
I haven't been successful at finding a Password safe for multi-roles & multi-users :(
For example local admin password for PC is stored with Service Desk, Infrastructure & Apps Support roles all having access to the password. The SQL server's password is accessible to Infra & Apps but not SD. Citrix is only accessible to Infra....and the IT Manager has God-access to all.
Is there non-web-based software with these features out there??
stevew928
50%
50%
stevew928,
User Rank: Strategist
5/1/2013 | 8:18:56 PM
re: 10 Top Password Managers
I think you forgot one of the best and oldest, Password Wallet by Selznick. I've been using it since my Palm Pilot days. I think there is a version for just about every platform and it has quite a few sync options.
<<   <   Page 4 / 5   >   >>
COVID-19: Latest Security News & Commentary
Dark Reading Staff 10/23/2020
Modern Day Insider Threat: Network Bugs That Are Stealing Your Data
David Pearson, Principal Threat Researcher,  10/21/2020
Are You One COVID-19 Test Away From a Cybersecurity Disaster?
Alan Brill, Senior Managing Director, Cyber Risk Practice, Kroll,  10/21/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-27743
PUBLISHED: 2020-10-26
libtac in pam_tacplus through 1.5.1 lacks a check for a failure of RAND_bytes()/RAND_pseudo_bytes(). This could lead to use of a non-random/predictable session_id.
CVE-2020-1915
PUBLISHED: 2020-10-26
An out-of-bounds read in the JavaScript Interpreter in Facebook Hermes prior to commit 8cb935cd3b2321c46aa6b7ed8454d95c75a7fca0 allows attackers to cause a denial of service attack or possible further memory corruption via crafted JavaScript. Note that this is only exploitable if the application usi...
CVE-2020-26878
PUBLISHED: 2020-10-26
Ruckus through 1.5.1.0.21 is affected by remote command injection. An authenticated user can submit a query to the API (/service/v1/createUser endpoint), injecting arbitrary commands that will be executed as root user via web.py.
CVE-2020-26879
PUBLISHED: 2020-10-26
Ruckus vRioT through 1.5.1.0.21 has an API backdoor that is hardcoded into validate_token.py. An unauthenticated attacker can interact with the service API by using a backdoor value as the Authorization header.
CVE-2020-15272
PUBLISHED: 2020-10-26
In the git-tag-annotation-action (open source GitHub Action) before version 1.0.1, an attacker can execute arbitrary (*) shell commands if they can control the value of [the `tag` input] or manage to alter the value of [the `GITHUB_REF` environment variable]. The problem has been patched in version ...