IT’S AN INTERCONNECTED world out there, and while it might be more convenient if one company acted as the gatekeeper for the array of services you subscribe to, overall it would probably mean that the technology of the future would be boring and homogenized.
The problem is that when you subscribe to a lot of different services, you’re usually also forced to generate a lot of different passwords. This is actually a good thing. After all, your bank information is likely linked to many of accounts, as well as your purchase history, media browsing habits, and a slew of other private information that you’d prefer protected.
But if you’re the kind of person who constantly resets passwords and usernames, or worse, recycles the same password you’ve been using for the past seven years, it’s time for a serious upgrade. You need a password management tool.
Password managers are great because they store all your passwords, generate strong ones for you, and in general, the only password you have to remember is the one to open your password manager. It’s time to put an end to using “123456” or “password” to lock your accounts. Password managers aren’t just for convenience’s sake; think of it as good online hygiene.
Most password managers save and generate secure passwords for you, meaning you only have to remember one password—the one that opens your vault. So make it a strong one.
LastPass is one of the most popular free password manager apps out there. It works on both your desktop and your phone (Android or iOS). LastPass, like many other password managers, autopopulates your password on websites, as well as personal information you use to fill out forms. This is a feature that many have become accustomed with on popular Internet browsers like Chrome and Firefox, but think of your password manager as a more secure, centralized version of that, so it will save passwords across applications and websites.
This app is more than just a locker. It also has an important password generator that creates strong passwords instantly and remembers them for you. One cool thing is that LastPass automatically audits passwords you have stored, alerting you when you it finds duplicates or when it’s time to change an old password—a smart move for protecting your accounts from getting breached.
The interface is easy to use. But f you want to sync your passwords between your phone and desktop, you’ll have to use the pay-for version for $1 a month.
A huge disclaimer, though: LastPass was hacked recently, so if you’re in need of high-level security, always be sure to do your research. In 2015 company admitted to a breach that exposed user email addresses, password hints, and encrypted master passwords, but the company appears to have responded promptly and the majority of users were protected. And earlier this month a security researcher unveiled another hole in the app’s security that may allow attackers to obtain personal details via a phishing attack by simulating the login sequence, and again the company responded promptly reporting that the process of email verification protects users from this vulnerability.
Another free password manager that works on across phones and desktops is Dashlane. Its design is slick and easy to use, and similar to LastPass, Dashlane creates strong passwords for you, saves them, and autofills Web-forms with personal information. So the only thing you need to remember is your master password to open the encrypted vault. A one-password-to-rule-them-all kind of thing.
It’s possible to install Dashlane for free on multiple devices, but if you want your data to sync across your phone, your desktop, and accessible online, you’ll have to pay around $3 a month to get that service. Dashlane also provides a digital wallet option that stores your bank account information for easy shopping. The digital wallet also allows users to capture and save receipts from purchases, which is actually pretty cool.
The app doesn’t store master passwords or password hints for security reasons, perhaps hedging Dashlane from some of the vulnerabilities that have surfaced with LastPass.
KeePassX is your open source option—an important detail for the security-concerned. Otherwise, you’re forced to trust that the company you pick hasn’t installed any backdoors. Even if you don’t know your way around the backend of applications, knowing that the project fully discloses its source code and that independent researchers can audit it should give you some peace of mind. After all, transparency—when properly implemented—is a powerful tool.
KeePassX is compatible with an array of free software password apps for mobile phones, but in order to sync your passwords across devices, you’ll have to upload your encrypted password file with an online storage service like DropBox or Google Drive.
While KeePassX is the recommended option amongst some security professionals, it isn’t that easy to use. The user experience just isn’t as streamlined as the commercial alternatives. Still, it does generate strong passwords for you, and is frequently updated. The developers allow users to write plugins to make the app work for them, and that customizability is a huge asset to the more technically inclined.
Sticky Password is also worth checking out if you’re in the market for a password manager. Similar to LastPass and Dashlane, you can download the desktop and mobile app, but need to subscribe to their service for cloud syncing. It also has a secure random password generator and autofills online forms.
The cool thing about Sticky Password is that it allows for biometric confirmation: You can use your fingerprint to authenticate your identity on a mobile device. Sticky Password’s premium option also permits Wi-Fi syncing across devices, so your encrypted data never has to leave your device and you don’t have to trust the cloud. And if trusting the cloud is a breeze for you, Sticky Password also offers to host an encrypted backup database online for those who opt-in, just in case you lose your device.
The interface is easy to use too, but if you want to access the cool biometric authentication tool and Wi-Fi syncing, you’ll have to pay. It costs $20 for a year’s subscription.