Update: Part-2 of this article is now available by clicking this link.
It never ceases to amaze me how often I still notice people (and business clients) that don't employ the use of a Password Manager. Despite the warnings plastered all over the web about why you should use one, I constantly see sticky notes with passwords stuck to monitors, under desks and unprotected spreadsheets with lists of websites and all the login information needed to access the accounts. So many still use the same passwords used on most of the websites they visit as well.
My hope is that this article will help encourage folks to change their habits and secure their online information and identities.
I've been using Password Managers for several years and I've tried out just about all of the popular (and some not so popular) ones. Here I'm going to review what I think are the Top 5 password managers currently available and discuss some of their strengths and weaknesses.
All the Password Managers reviewed in this article are the absolute latest current versions available at the time of writing.
Preliminary ramble and side note: Please note that I am aware of, and have tried, many popular other "Free" password managers over the years, including KeePass, LastPass, PassPack, EnPass, LogMeOnce and a few others that slip my mind at the moment.
Feel free to check them out for yourself (links have been provided) however, none of the above have been included in this review because I personally found them to be either lacking in what I consider important features or just plain clunky in their day to day use. If you disagree, I encourage you to say so and provide your reasoning in the comments section below this article.
That said and out of the way...
What I'm going to cover in Part-1 of this series is review and take a look at the following Password Managers;
All of the above Password Managers have paid models and fully functional 30-day trials, which basically means that if you want to continue using them after your 30 day trial (with all of their advanced features enabled), you'll need to purchase a subscription. They will all revert to Free versions after your 30-day trial, however, you can keep using them without the advanced capabilities that must be paid for, the most noteworthy of those being losing the ability to Sync your passwords and account with a cloud server.
Along with looking at the strengths and weaknesses I've found in the above managers, I'm also going to show how it can be useful to use more than one password manager to overcome the problems you might face with your favourite password manager and tell you which ones I've found can play and co-exist together nicely to overcome those issues. I personally do this because I've yet to try a Password Manager that handles all of the problems that I hear people complaining about.
For instance, a website changes its login page and breaks your Password Manager, causing you to jump through hoops to get it to work again. This can be a pain if you're in a hurry to get into your Online Banking website for example!
Other problems include the way websites ask you to log in, which you find that your Password Manager doesn't recognise. I've solved all of these problems for myself by using not one, but two (and recently three) password managers. But in using more than one Password Manager, not all of them play well together, so in Part-2 of this series, we'll explore which ones do and which ones don't, based on my personal experiences.
Note: At the time of writing, ALL of the above-listed Password Managers were installed on my system and at times, were all active (unlocked). When problems were struck and conflicts found, certain managers were deactivated to eliminate the issues encountered. All of that will be explained in detail in the second part of this article (Part-2) where I'll explain which Password Managers can co-exist and play well together.
On with the reviews...
RoboForm is the password manager I've used the longest - for several years in fact. It's served me well and handles most situations admirably. It's never crashed or corrupted on either of my Win 7 or Win 10 systems, so I've never had to restore my database from the cloud. It's a solid piece of coding and does its job well, on both my computers and smartphone / iPad and Tablets.
Installation is a breeze and extensions are available for all browsers. It's major capabilities include;
Using it is a breeze and very intuitive, even for new players. Once installed, browser extensions are added and your online cloud account created, the first time you log into a website, RoboForm asks if you would like to save the login information for the next time. Check out the pic below.
At this point, you have the opportunity to change the Name: to anything you like, accept Home as the folder to save your login information to, save to a folder you've already created or create a new folder of your own choice. Folders are saved within RoboForm itself.
RoboForm (like most) can be configured to Auto Start each time your computer is restarted. The first thing you need to do when you reboot your computer (or if RoboForm has locked during a session), is to put in your "Master Password"
It's important to note that your Master Password is not stored anywhere and can not be retrieved, not even with the help of RoboForm Support, so make sure you use one that you won't forget or take advantage of the Emergency Access function with a trusted family member or friend. It's also useful to mention that you can set how many minutes of computer inactivity can pass before RoboForm will automatically lock itself to protect your vital information in case you forget to lock it manually and walk away from your PC.
If you look at the graphic above, you notice that there is a Change Account option. This allows you to share your RoboForm license with family members on a family computer. To complete RoboForm's review here are some snaps of what RoboForm looks like in action, along with some of its more interesting features... The first snap is what my RoboForm looks like with 479 Websites login information.
Every single website saved has a unique password that is at a minimum of 8 characters long and up to 16 characters or more where the site permits long passwords to be used. They also all have special characters and numbers such as #%$#@ in them as well. Brute force guessing my passwords? I'm confident it's an almost impossible scenario! As are my chances of remembering them all.
Save your Safenotes Generate a Strong Password
In the interest of brevity, that's all the screenshots I'll share, but there is a ton more to see. The Security Centre in particular, where you can Audit your Passwords and identify potentially problematic (weak) ones or duplicates to take care of.
One other benefit worth mentioning is that you can log into RoboForm on the web using your login information and password - so if you're at a computer and don't have a device with RoboForm installed on it, just log into your online account and all of your saved logins are available to you via a web console.
Important note: If you do use this method, especially on a public computer, be sure to use an Incognito browser and to log off your account when you're done. Don't just rely on RoboForm auto locking for you.
Some Cons I've found with RoboForm
There aren't a lot of cons I've found with RoboForm. One, however, is it having difficulty with some websites where the login page has changed. It can handle most OK, but it takes a few manual clicks and adjustments to correct an entry on some websites.
Another con is that with some login pages, particularly where a box pops up, RoboForm will not automatically see that as a website login, so you may need to add the website manually to make it work. This also causes an extra step when logging in so it's not as automatic as it could be.
Other than those few issues, I think it's a great (and very affordable) password manager.
The FREE Version
RoboForm does provide a totally FREE option which provides you with the following features.
The free version does not sync with the cloud, so your information is only available on your device.
My Recommendation: Definitely give RoboForm a 30-day trial run. I think you'll love and keep it!
Avast Password Manager
Avast's Password Management system doesn't come as a stand-alone program. Rather, it's bundled with both their Free and Paid versions of their Antivirus product. The Free bundled version of Avast Password Manager gives you some generous benefits that include;
Installation is simple. After a default install, Avast will first perform a Smart Scan of your machine to try and identify any issues it thinks needs to be addressed.
To get to the Password Manager, which is what we're interested in here, simply click on the "Privacy" button, and then "Passwords" in Avast and you'll be presented with the following screen.
Click the "Get Started" button to, well, get started!
Avast Passwords will proceed to activate itself ( insert plug-ins/extensions) into all of your available browsers.
You can skip any browsers you don't want Avast Passwords to activate in. Clicking the Activate in "Google Chrome" button shown above will open the Chrome browser with an Install button ready for you to click. Rinse and repeat for the rest of your browsers. Once done, you'll get the following screen.
Assuming you've activated your free version and already created an online account with Avast, you're now good to go. Don't worry if you forgot to activate or create an online account for yourself at this point as you can do that anytime.
So how does it look once you've entered a few websites into your Avast Password Manager? Well here's a screen grab of mine...
I subscribe to Avast Internet Security, but the free version looks exactly the same once populated with website logins. Each of those logins can be edited and changed. The "Lock" function that I've circled in the above graphic is just a way to manually lock Avast Password Manager - in other words, turn it off.
As you can see, you can modify the Colour, Account Name, Web address, your Username, Password and even add a Note for this particular login and save your changes. Alternatively, from here you can also delete the login completely to make Avast forget about the login.
Note that the above is a standard feature available in all of the password managers reviewed here.
Logging into a website for the first time activates Avast Passwords where it offers to save your login information for you. You can also set Avast to not enable Auto-Fill on websites you've saved if you prefer to do it manually, or just save login information for you without asking you if you want it to save all your passwords automatically.
The next time you log into a website with saved information, with one click, Avast will auto-populate the required login fields for you and log you in.
To create a random strong password for any website, take advantage of the "Generate a strong password" feature.
Some Cons I've found with Avast Password Manager
Avast's Password Manager does the job, but there are a few features I've found to be lacking. You can't, for instance, open up your list of logins and click on them to go to the website - you'll need to rely on your favourites list to do that.
Changes in website login procedures can be a bit of a pain as well because Avast seems to consider it to be a new website and creates a new login entry, rather than modify/update the existing one.
No support for Windows 10's Microsoft Edge browser.
Nags! Avast will periodically nag you to Upgrade to their Premium Version and this can get annoying after a while.
The Benefit of Subscribing
All of the above Avast Password Manager features are available for free! Compared to some of the other offerings, Avast is quite generous with what they provide you at no cost. To get the benefit of a potentially useful feature though, you'll need to purchase a subscription.
For the purposes of this review, I went and changed a number of passwords on a variety of websites to be the same, as well as made some passwords weak. Here's what Password Guardian reported...
Note: For all you budding hackers reading this review, don't bother trying. The passwords have already been changed to 16+ generated strong passwords and duplicates removed before publication of this review! :-)
My Recommendation: If you don't want to pay for a commercial password manager, yet still enjoy a bundle of neat features, then Avast's Password Manager is an excellent choice. Give it a try.. not only will you enjoy the protection of an excellent and highly rated Antivirus, but a free Password Management tool that is way safer than your browser's built-in password tool(s).
Sticky Password is a Password Manager that was recommended to me by another Experts Exchange Member during a conversation we were having about Password Managers and has quickly turned into my second favourite password management tool. Also impressive is that it earned the PCMag Editors’ choice award. I've used Sticky Password now for several weeks and can happily report that I'm more than suitably impressed.
One of the best things about this software is that it is very intuitive to use. Its features include;
If you choose to purchase a premium subscription, part of your subscription goes to saving these endangered animals.
As with all of the offerings I'm reviewing here, there are FREE and Paid versions of Sticky Password available. To see the differences between the Free and Premium versions, visit their website here.
You automatically get Premium access for 30-days when you install Sticky Passwords so that you can explore all of its features - after 30 days it will revert to the Free version, but none of your saved data will be lost or discarded.
One of the major things Sticky Passwords brags about is the number of browsers it supports and that it works across all major platforms. Its browser support includes;
An impressive list to be sure, but one major browser not supported which is gaining more and more popularity every day is Microsoft Edge.
Sticky Password claims that this is because Edge does not support extensions, however, that's not totally true (see my RoboForm review at the start of this article). Extensions must be developed, vetted and approved by Microsoft and then made available for download via Microsoft's Online Store. Let's hope that Sticky Password developers take advantage of this and add support for Edge in the near future.
Installation of Sticky Password is via a downloaded file that must be run. Select your operating system when you go to the download page and click on the download button - then just run the file you've saved. The version I tested was for Windows v8.1.0.103. Download a copy of the latest version from here.
I found the installation wizard to be excellent and one of the quickest and easiest of all the password managers being reviewed, so I think it's worth going through the process here to show you what I mean...
Upon clicking the Finish button, after 3 easy to understand explanatory screens, Sticky Password automatically launches and leads you through four easy steps...
Here's where you get to Create your new online Account. Your online account is where you set your synchronisation and backup options, as well as manage your mobile devices like Smartphones, Tablets etc.
Let's go through the steps.
First, enter your Email address. Choose carefully though, as your email address will be a unique identifier of your online Sticky Account so all Email communication from Sticky Password will be sent to the address you enter.
Next, you must select a Master Password. Once again, choose very carefully. As with all of the Password Managers being reviewed, your Master Password is what will provide you with access to all of your personal information and your online database.
Your Master Password should be something that's easy for you to remember, but difficult for anyone else to guess, including your family members!
Note: No-one, including Sticky Password developers and support staff, will be able to recover your data if you ever forget your Master Password.
Finally, when selecting this password, take note of strength bar when you enter your master password. It will give you an indication of how strong or weak the password you select will be.
For those who fear they may have a keylogger or other malware on their system, make use of the Sticky Password's virtual keyboard shown below.
When you tick the "Anti spy" option (circled in red), no one can see which keys you've really pressed. Extremely useful if you're logging into your account from a public computer such as Internet Cafes or even a friends place. Having entered your information, click on "Create my Account" and Sticky Password will double check that you remember your master password at this point and ask you to type it in again.
Click the green Continue button to set up your Cloud Synchronization option - or not - the choice is yours - you can change the settings later.
Clicking Continue again at this point will create your online account with your initial settings and then prompt you for which browsers you want the app to work in. Any passwords saved in your browsers you select will automatically be imported into your Sticky Password database.
Clicking Continue at this point will take you to a screen that installs the required extensions into the browsers you've selected. Once done, a web page opens up and allows you to setup your name, phone number and date of birth for Autofilling web pages.
Clicking the "Let's see how it works ..." button gives you an example page to check out how Autofilling works. You can skip this page and end up here...
Now just click the Start button and you're set to go, with 30-days of free Premium Access.
Another screen will pop up giving you the option to view a 3 minute tutorial on using Sticky Password and though I found this to be unnecessary because of how intuitive Sticky Password is to use, I encourage you to go through the tutorial as it does show some useful information. If you want to skip it, just close the window with the X at the top right of the window. Note: If you've already purchased a license for Sticky Password, simply click "I have a License Key" to log into your account.
As I've said earlier, using sticky password is simplicity itself. Despite that fact, for the purpose of this review, I'll go to a new website login and show you how it works.
First-time login where Sticky Password doesn't know your details...
As soon as you click Login, Sticky Password pops up the following box...
At this point, you have a few options. You can change the Account name: to something that you prefer. You can accept the default "Web accounts" Group: to save or save to a group like "Technical Sites" or similar which you have previously created. Or just accept the defaults and click the blue Add button to save the login information for the next time you want to log into the site.
Note the "Ignore site" option, which is another great feature that some password managers lack. This tells Sticky Password not to prompt or bother you with saving your login information for this site in the future. Now we've saved the login information for this site, (and logged back out) the next time you go back to the site, Sticky Passwords enters all of your required login information and you can log in with ease!
Another really useful feature of this password manager is that like my other favourite password manager (RoboForm), Sticky Passwords also creates a type of Favorites list inside where you can select and click on a website to go to and automatically log you in with a single click. Here's how it looks...
If you have a ton of websites saved as I do, the Search function is invaluable, as is the Favorite Accounts tab. If I wanted to log into my LinkedIn account for example, then I just click once on the LinkedIn entry and Sticky Passwords takes me to the page in my browser, logs me in and I'm set to go. It doesn't get much easier than that.
But let's take a look at some of its other great functions...
Identities is where you can setup AutoFill entries
Bookmarks allow you to save a particular page (or pages) that might be deeply nested in a website. Clicking on a Bookmarked link takes you directly back to the page you want with a single click, logging you into the site if necessary as well.
Clicking the "Open application" link is where you'll find most of the power and options Sticky Passwords provides.
From this console, you can do any number of nifty things.
The Menu option at the top right is where you Lock the app manually, Import and Export login information in a variety of formats, but most importantly, open the Settings Options where you can adjust the configuration of how you want Sticky Passwords to behave.
Pretty self-explanatory providing a host of adjustments you can make so that Sticky Passwords performs exactly as you want it to, such as adjusting it to auto lock after 10 seconds, 10 hours or never - you're in total control.
Cons I found with Sticky Password
No support for the Microsoft Edge browser. Recent updates have made extensions possible, but Sticky Password's developers tell me they're actively working on making it available!
The Import from other Password Managers does work, but I found it got a few of the more complex sites I had saved in RoboForm wrong. Importing is also only supported from RoboForm, KeePass, LastPass, Dashlane, Kaspersky and 1Password. Note that only RoboForm was tested, so I can't say how well the Import function works with the other Password Managers it supports.
My Recommendation: This is definitely a password manager you'll want to try. It plays well and co-exists with most other password managers that you may already be using and should you decide to subscribe to it, you'll very much enjoy the premium features. It may not be as feature packed as other Password Managers, but it's certainly up there with the best of them. Highly recommended!
Dashlane's Password Manager I found to be a robust tool that I've been using for several weeks now. Like the others, it has Free and Premium (Paid) versions available. I did strike a couple of 'minor' hiccups with its ability to co-exist with other installed password managers that were active, but workarounds were relatively easy to find and that point will be discussed in Part-2 of this series.
Compared to some of the others reviewed here, Dashlane is pretty featured packed. It has the ability to;
Installation is simple, with a wizard-driven installer leading you through all the steps you need to complete in order to get started. Dashlane doesn't come with a fully fledged offline installer, so you'll need to be online to install it.
Download its installation executable, run it and the installer will connect to Dashlane's servers and begin the installation process. Once done, the products configuration wizard will launch...
The first thing you'll want to do is create your free account. Enter your Email address and Master Password and continue with the wizard. It will prompt you one more time to enter your Master Password to make sure that you didn't miss-type it the first time.
After a few screens that tell you what Dashlane can do for you, including the opportunity to import your saved login information from other password managers, you'll have the option of adding Dashlane's extensions to your default browser. Any passwords already stored in your browser(s) will be imported automatically.
Here we strike a little setback. If you're on Windows 10 and have Microsoft Edge set as your default browser, then you'll get a screen advising you that you need to change that default to another browser. As with most of the other Password Managers reviewed here, Dashlane still hasn't caught up with the fact that Edge can, in fact, support extensions.
You can skip this step and do it later, but if you follow the instructions, Dashlane will add its extension to your newly selected default browser and present you with a tutorial screen you can go through to learn how to use its functions. Go through this tutorial or skip to do it at a later time. You'll now have Dashlane's Console up in front of you that looks something like this...
Let's examine what we have available to us from here...
Dashlane's Password Generator is up there with the best of them. Choose between 4 and 28 characters in length to generate almost impossible to guess or brute force attack passwords.
The Preferences menu (found under Tools) provides a myriad of ways you can configure and customise the way you want Dashlane to work. Highly useful if using more than one password manager on your system.
One thing I found Dashlane particularly good at is handling logins to websites where you may have different login accounts.
For instance, I have 4 different accounts at a particular website I often visit where I need to use different usernames and passwords to enter the area I need to work in. In situations like that, Dashlane pops up a requestor as shown below...
I tested this function extensively and found that it worked flawlessly every time. Clicking the appropriate login account gets Dashlane to log me into the correct area with a single click. This is a highly useful feature that is lacking (or doesn't work as well) in most of the other password managers I've used.
The Benefit of Subscribing
If you choose to purchase a Premium subscription, you have the ability to Synchronise your passwords across all of your devices, Backup your account securely on their servers, Unlimited Password Sharing, Priority VIP Support and the ability to use YubiKey (U2F) authentication.
Cons I found with Dashlane
The lack of extension support for Microsoft Edge is an obvious one. Compared to the others, the subscription cost is a little pricey and is charged yearly. No monthly payment option is available. I also found the import process to not work so well, with quite a few of my RoboForm entries doubled up or mangled to a point where they had to be reset. Finally, not all features are available from the browser extension icon and require the opening of the console to configure many items. All in all, not such a big deal.
My Recommendation: Dashlane is certainly amongst the top three Password Managers I've used. Its Free features are generous and security is as good as it gets. Give it a try. Highly Recommended!
1Password is not as intuitive to setup and use in my opinion. When installing it, I found myself scratching my head at times as to what was going on. Its GUI also doesn't seem to be as polished as the others I've reviewed.
Unique, But Confusing Sign up!
1Password's initial setup can be more than a little confusing. Firstly, there's no setup program to download. Rather, you go to their website, click on "Try it FREE" which takes you to the following page...
I chose the "Just Me" option which took me to a page to enter my email address (or sign into an existing account if I had one). Having entered my email address, I needed to wait until an email arrived with a link to follow so that I could "sign in". The email arrived promptly so I duly clicked the link as instructed to "Verify My Account".
A new tab opened in my browser asking me for my "First Name", "Last Name", along with the opportunity to upload a picture of myself and sign up for the 1Password newsletter - both of the latter which I declined to do.
Clicking the Continue button presented me with a page to add my Credit Card Details for a seamless trial. I could select to be billed $3.29 AUD per month if billed annually, or $4.39 AUD a month if I wanted to select monthly billing. Fortunately, there was also a link that allowed you to skip that step so I did just that, otherwise I would have probably aborted the install.
The next page was unique and something I'd never seen before in any setup process. A "Secret Key" was generated as shown below, in full view of anyone that may have been looking over my shoulder or able to view my computer's screen.
Given that you're told not to write it down, I honestly can't figure the purpose or reasoning behind this step. Anyway, I clicked Continue again and was asked to create my Master Password.
I also have a problem with doing this online, even on a secured website. Information like this should (in my opinion) be entered offline and transferred to the server in an encrypted form. I clicked Continue again...
Intuitive? Well, kind of. Easy, I guess so, but what's with this Secret Key? I click Sign In expecting to finally be in my account.
But wait there's more!
Now I finally found out what this Emergency Kit is all about...
I decide to Save the Emergency kit and as you'll see a little later, it's a good thing that I did.
At this point, I was prompted to either
None of which I thought were a good idea, but I just printed it to PDF and saved it to my USB key for the sake of the exercise.
I clicked the "Got it" button to confirm I'd complied with the options and finally found myself in my online account!
But wait, what about the browser extensions? That's not automated like with all the other Password Managers I'd installed and used - you must go through and do that manually.
I felt like giving up on it at this point, but determined to see how well it performed in day to day use, I decided to install the 1Password app for Windows on both my Windows 10 and Windows 7 Pro machines. Clicking on the required link, I was presented with another file to download and save. With no instructions as to what to do next, I ran the file to see what would happen.
A "Ready to Install" box popped up to setup 1Password. I clicked the Install button on the box and let it do its thing.
At the end of "that" part of the Installation process, per the screen grab above, I still needed to enter my "Sign-in address", (I had no idea what that was at this point), my Email address, Secret Key and my Master Password.
Nowhere during the install thus far was I told about having any sort of "Sign-in address" so I started going through the online help pages to try and figure out what it could be. The help pages turned out to be of no help, so I opened the Emergency Kit PDF I'd saved to my USB stick which revealed that my "Sign-in" address was just a generic address of https://my.1password.com.
What's so secret about that address and why it's needed to sign in to the app I've yet to figure out?! You'll note I didn't even bother to blur the address out in in the above graphic.
Anyway, I entered the required information, clicked the Sign In button and hallelujah, I was finally logged into the app!
Before I go on with this product's review, I'd like to stress at this point that the installation and initial account creation used by 1Password (in this writers opinion) is ridiculously long-winded and unnecessary. It is overly complex for no apparent reason and I suspect has, without doubt, made some potential customers abort the installation process and move on to a competing product. I almost did that myself.
That said, 1Password is actually not a bad little password manager once you've jumped through the initial installation hoops, which is the reason it ended up making it into this Top 5 review.
1Password Console App
This is what you end up with on your computer once you've finished with the rather (for want of a better word) "unique" installation process. Let's take a look at the various categories.
The +New Item menu option, as shown below, offers a handy way to get to a host of pre-prepared templates which many will undoubtedly find useful. Once populated with the required information, they are automatically saved in the correct category on the main 1Password dashboard.
Closing the 1Password Console minimises it down to your System Tray as shown below.
1Password's performance in capturing login information and logging you into websites is quite good. In the following example, I'll log into a forum and show what you can expect.
The first time you log into a website successfully, 1Password pops up the following window...
From here, you can select the Vault you want to save this entry to (in this above case I've selected my Personal Vault), change the name of the Login to something that means more to you than the default entry taken from the website's name, Enter a Tag and then just click Save Login. From here on, you'll never need to enter your login information again. Just go to the login section, click on the 1Password extension icon and it will log you in automatically.
If you decide you don't want 1Password to save the Login for this particular website, simply click "Not now" and 1Password will never bother you to Autosave for this site again. A handy option for a variety of reasons, like if you're also using another password manager that you prefer logs you into this particular website.
Cons I found with 1Password
The installation process as explained at the start is a pain, as is the installation of extensions into supported browsers. To install extensions, you need to go to their extensions website using the browser you want to enable 1Password in and click on the Install button. I found this clumsy and long-winded. If there's a simpler way to install 1Password's browser extensions, then I still haven't found it. Browser extension support is also only available for Google Chrome, Safari, Firefox and Opera.
I tried the Auto-Fill capabilities and they didn't work quite right. Entries ended up in the wrong fields at times and a lot of tweaking was required to get it to work right. Finding helpful information when you run into something you're not sure about on the 1Password help website is a chore which needs a major overhaul in my opinion.
The tools lack of automation in many areas can be annoying, to say the least. As are the hoops you must just through to approve a new device or browser.
My Recommendation: Intuitive it's not. If you're relatively new to Password Managers I think you're going to struggle with this one and should opt for one of the other four Password Managers I've covered in this review.
Seasoned computer users, however, should be able to find their way around without too much trouble, so it's worth giving it a try because of the number of features it provides. For me, this isn't one I'll be keeping on my system but we're all different and your mileage may differ.
Concluding Remarks
I have considerable experience with all of the Password Managers that have been included in this article. I've installed and used them all so you are strongly encouraged to leave a comment with your thoughts.
If you agree or disagree with some of the things I've written, or conclusions that I've reached and have something constructive to say, I'd love to hear from you. All comments will be answered.
Update: Part-2 of this article is now available by clicking this link.
Until the next time...
Andrew Leniart
Have a question about something in this article? You can receive help directly from the article author. Sign up for a free trial to get started.
Comments (19)
Commented:
Have you read the latest information regarding password managers? I saw something this morning on LinkedIn and did a search and found this:
https://www.komando.com/happening-now/547660/hackers-find-security-flaws-in-5-popular-password-managers-are-you-safe
It comes down to password managers exposing your passwords!!
This is extremely disconcerting as I have several hundred passwords stored in my PM.
Author
Commented:That's very disconcerting information on its own! I'm sure glad that RoboForm, Avast, and Sticky Password (the three password managers I'm currently using) didn't make that list, but two of those, 1Password and Dashlane, are in my review as recommended. :-o
Given the large number of Popups that broke through Adblock Plus when I visited your link, I think I'll quote the article here so others can read it without all of the annoying popups.
Crediting Source: Hackers find security flaws in 5 popular password managers. Are you safe? - By "The King Komando Show"
Will be very interesting to follow this and see how it pans out.
Regards, Andrew
Commented:
I tested most of the products from your list and I really can't help but I might go with a Solution that's only mentioned in your Intro: Keepass
Reasons for this, if you take security very serious: I don't trust the cloud
The coud is convenient, but security and convenience are not compatible ;-)
A very suspect example is Sticky Password, where after the Installation on your Device, you get the Message, that your Masterpassword is only known to me and isn't saved anywhere.
In the following Step I have to login to ther Website with my Username and TADA, my Masterpassword :-)
A Website that even doesn't provide 2FA, please correct me, but am I missing a thing in case of Security here?
And how do you login to a website that doesn't know the Users Password???
- Bernhard
Author
Commented:Thanks for your comments. 2FA is an important consideration for many, an unnecessary nuisance for others, and then you have the camp that believes it should be forced (or at least made as an available option) everywhere as standard practice :)
For my own part, if 2FA is an option, I'll always enable and use it, but that's not always so. My bank as an example doesn't have the option available to me to just log into my account - opting instead to only force 2FA on money transfers to accounts that have not been transferred to before. I could give dozens of other examples that don't make much sense to "me" personally.
At the end of the day, everyone must reach their own conclusions and decide on what's best for them.
Regards, Andrew
Commented:
And by the way SP does have 2FA.
View More