Best Password Managers: Free and Paid
Stay secure at any budget.
You’re probably wondering if password managers are really necessary.
The short answer: Yes.
The long answer: You may no longer be using the same easy-to-guess combo of your hometown and the year you graduated high school as a password for everything from your bank account to Neopets, but that doesn’t mean you have strong password game.
It doesn’t matter if you’ve perfected your Sherlockian mind palace, you’ll never be able to beat a computer when it comes to remembering long, random strings of letters, numbers, and special characters — and long, random strings of letters, numbers, and special characters are what makes strong passwords.
This doesn’t mean you should entrust your passwords to the first program that asks for it, however. Your browser’s built-in password manager, for example, probably isn’t particularly secure — especially if extra security steps, such as two-factor authentication (2FA) are opt-in — nor is it robust. Some built-in password managers, such as Apple’s iCloud Keychain, force you to use 2FA and are therefore more secure. But Keychain only works on select platforms — spoiler, mostly Apple. There is a Keychain extension for Windows, but it sends approximately 500 requests for 2FA per hour (I uninstalled it after a week).
A third-party password manager solves all your problems. The best password managers are extremely secure, protecting your data via 256-bit AES end-to-end encryption, zero-knowledge technology, and both 2FA and multi-factor authentication. They have apps and extensions for all major platforms, mobile devices, and web browsers. They also do more than just save passwords; they’re packed with additional tools and features, including password generators, security audits, and secure cloud storage, that will take your security from “the 11-year-old across the street could hack you” to “not worth the effort.”
So, which password manager should you be using? There’s no simple answer; it varies, based on your individual situation. After all, the biggest, and most unpredictable, variable in security is always you.
Best Password Managers: Free and Paid
Why you can trust Tom's Hardware
Best Free Password Manager
Platforms: Windows, Mac, iOS, Android, Linux
Browser extensions: Chrome, Safari, Firefox, Opera, Brave, Microsoft Edge, Vivaldi, Tor
Free version: Unlimited syncing
Premium: $10/year
Family: $40/year, 6 users
+ Free version has unlimited sync
+ Open-source, excellent record
- Free version is bare-bones
- User experience is not seamless
Bitwarden has an excellent security reputation: In addition to the industry-standard security protocols, Bitwarden also regularly submits to third-party security audits and makes its code open-source. Bitwarden can also be self-hosted on a local server — which, again, is not necessarily more secure, but is an option for those who want full control over where their data is stored.
Read: Bitwarden Review
Rating: ★★★★½
Best Family Password Manager
Platforms: Windows, Mac, iOS, Android, LInux, Chrome OS, FreeBSD, OpenBSD
Browser extensions: Chrome, Safari, Firefox, Brave, Edge
Free version: N/A
Premium: $35.88/year
Family: $59.88/year
+ Initial device login is more secure
+ Great cross-platform performance
- No free plan (14-day trial)
- Installation is not intuitive
1Password goes one step further than some of its competitors in several cases, choosing security over convenience. The first time you login to any device with 1Password, you’ll need both your master password and a secret key (received at signup) — it’s less convenient but also much safer than password managers that only require your master password.
Read: 1Password Review
Rating: ★★★★
Best for Storing More Than Passwords
Platforms: Windows, Mac, iOS, Android, Linux
Browser extensions: Chrome, Safari, Firefox, Opera, Internet Explorer, Edge
Free version: Limited to one device
Premium: $354.99/year
Family: $74.99/year, 5 users
+ Well-designed interface
+ Family plan includes 10GB storage
- Limited free plan
- Dark web monitoring costs extra
In addition to a well-designed interface and a smooth cross-platform experience, Keeper also has one of the easier-to-use import tools, which is useful if you’ve got your passwords stored somewhere other than your brain. Keeper also has excellent, 24/7 customer support — another area in which many password managers are surprisingly lacking.
Read: Keeper Review
Rating: ★★★★
Best for Cross-Platform Syncing
Platforms: Windows, Mac, iOS, Android, Linux, Chrome OS
Browser extensions: Chrome, Firefox, Safari, Edge, Opera
Free version: Sync across one device category (desktop or mobile)
Premium: $36/year
Family: $45/year, 5 users
+ Consistent cross-platform experience
+ Family plan is cheaper than competitors
- History of data breaches
- Free accounts limited to one device
LastPass is one of the most well-known and widely-used password managers — although recently it's been well-known for less-than-stellar reasons: the company suffered a serious data breach in Aug. 2022 (disclosed Dec. 2022) involving customer vault data (encrypted and unencrypted), as well as unencrypted customer information. A full disclosure of the compromised data can be found here.
Read: Last Pass Review
Rating: ★★★★
Picking the Best Password Manager For You
- Cross-platform performance: It’s not difficult to find a password manager that works with your chosen platforms, as most support a surprisingly wide range of desktop and mobile operating systems and browsers. But the best password manager won’t just work on your platforms, it will work well. What works for you will depend on both the platforms you use and your personal tolerance for different quirks and inconveniences.
- Local or cloud-based storage: The best password managers store your passwords in one of two places: The cloud, aka remotely, on their own super-secure servers; or locally, on your own (super-secure?) server. Cloud-based storage is the best option for most people: It’s much more secure than anything you could hope to rig up, it’s backed up in the event something happens to your device, and you can conveniently sync your passwords across multiple platforms. There are local-storage-only services if you’re particularly paranoid and/or a security wizard. If you just want an offline backup of your passwords in addition to cloud-based convenience, many cloud-based password managers offer this as well.
- Industry-standard security protocols: The best password managers all follow the same industry-standard security protocols. This includes 256-bit AES encryption, end-to-end encryption, and zero-knowledge technology. This means all data is encrypted and decrypted locally, and can only be unlocked with your master password — which nobody, not even the password manager, knows. You’ll also want to make sure your password manager protects logins via 2FA, multi-factor authentication, and/or biometric authentication; is active and up-to-date; and submits to regular third-party security audits.
- Password generator: The best password managers are proactive about password integrity, and include robust password generators that effortlessly create and save strong, unhackable passwords and passphrases. A good password generator has lots of options, and can create passwords that adhere to a variety of parameters — including your own, e.g., “easy to read.” It should also be easy to access (on all platforms) and work seamlessly with the rest of the service.
- Not just passwords: Password generators usually store other types of information in addition to passwords. This includes credit card numbers, bank info, shipping addresses, and a variety of other forms, documents, and IDs. Most of the best password managers have “secure notes” for storing strings of text, and many come with 1GB or more of secure cloud storage.
- Recovery options: Your master password is unknown and unrecoverable — but you might still be able to regain access to your account. There are a variety of recovery options — everything from SMS and biometric authentication to a designated emergency contact — depending on the service. Make sure the recovery options for your chosen password manager are options you can use — and set them up before you lose your master password.
- Extra features: Premium plans on the best password managers often include extra security tools and service, such as password auditing and breach/dark web monitoring. A password audit analyzes the credentials in your password vault and finds compromised, reused, and otherwise weak passwords, and directs you to change those passwords or update/delete the credentials. Some audits also check for expired passwords and websites with optional 2FA. Breach/dark web monitoring tracks data breaches and alerts you if it finds passwords or personal info.
- Price: Many of the best password managers have a free plan; most of these free plans are so strictly limited that they’re unusable for the average multi-device person. But you don’t have to pay — Bitwarden’s free plan has no limits on the number of passwords you can save or the number of devices you can sync across. Many password managers offer 14 - 30 day free trials of their premium services — it’s worth pointing out these trials are often automatically applied and you may not realize what you’ll no longer be able to access once the trial period is up. Family plans give premium service to five or six users and usually cost just a dollar or two more (per month) than an individual plan. All family members get individual secure password vaults (often with extended sharing options); family members can’t access each others’ data unless it’s explicitly shared.
Other Password Managers We Tested
In our quest for the best password managers, we tested a number of other well-known services. Most of these were, in a word, passable, but not good enough to be listed among the best.
- RoboForm
While RoboForm works pretty smoothly on desktop, it is a little clunky on mobile — it still offers the same features and ultimately gets the job done, but to get the most out of the mobile experience, you'll want to switch to RoboForm's browser (though it's not required). That said, RoboForm’s plans are more affordable than most, with discounts if you purchase multiple years in advance.
Read: RoboForm review
- NordPass
NordPass offers a relatively usable free plan: You can store unlimited passwords and sync across unlimited devices, but you can only be logged into one device at a time. This means you’ll need to login every time you switch devices, but once you do you can access your vault from anywhere. But NordPass’s biggest drawback is its poor performance on mobile: It has trouble capturing credentials and filling out forms, which is…most of what password management is.
Read: NordPass review
- Dashlane
Dashlane is a well-known, secure password manager with free, paid, and family plans. The free plan limits users to 50 saved passwords on one device, while the paid individual and family plans offer unlimited syncing, secure notes, dark web monitoring, multi-factor authentication, 1GB of secure cloud storage, and Hotspot Shield’s VPN service. If you’re not swayed by the VPN service, Dashlane’s premium plans will seem pretty pricey: The premium plan for individuals costs $59.88 per year, while the family plan costs $89.88 per year (for up to six users).
Read: Dashlane review
- RememBear
RememBear is the most beginner-friendly password manager we’ve seen, with a simple, clean (and cute) interface; clear step-by-step instructions; and a much-needed injection of humor. RememBear is so beginner-friendly it might have been among the best password managers if not for this red flag: Its mobile apps haven’t been updated in over two years. An email to the company confirmed that the service is still in business, but the best password managers update regularly to stay ahead of new and developing security threats.
Read: RememBear review
Bottom Line
There’s a delicate balance between security and convenience. A password manager can be 100% locked down and secure, but if it’s difficult or frustrating to use, people will take shortcuts that compromise that otherwise perfect security. And that’s if they continue to use the service at all. That’s why it’s especially important to take your particular needs — the platforms and devices you use, the types of credentials you need to store, the extra tools you find most useful — into account when choosing the best password manager for you.
Stay On the Cutting Edge: Get the Tom's Hardware Newsletter
Get Tom's Hardware's best news and in-depth reviews, straight to your inbox.
Sarah Jacobsson Purewal is a senior editor at Tom's Hardware covering peripherals, software, and custom builds. You can find more of her work in PCWorld, Macworld, TechHive, CNET, Gizmodo, Tom's Guide, PC Gamer, Men's Health, Men's Fitness, SHAPE, Cosmopolitan, and just about everywhere else.
-
Grobe Too bad Passwordgorilla went abandonware, that was my favorite app to store passwords (no cloud integration).Reply -
Filippo_P Disappointed not to see KeePassX.Reply
It's 100% free.
Nothing stops you from saving the file on OneDrive
KeePassDroid will complete the picture and you'll have the same password file on all your devices -
ThatMouse How does the $3/month one beat out Bitwarden which is free and syncs with all your devices. Can't beat that!Reply -
Crawling8398
I agree. Prospective Lastpass users should read the posts on the Lastpass subreddit before making a decision - many porting to Bitwarden.ThatMouse said:How does the $3/month one beat out Bitwarden which is free and syncs with all your devices. Can't beat that! -
TelmoB
KeepassDX for Android also works pretty well.Filippo_P said:Disappointed not to see KeePassX.
It's 100% free.
Nothing stops you from saving the file on OneDrive
KeePassDroid will complete the picture and you'll have the same password file on all your devices
If Keepass isn't on this list, it was not tried, or this is all paid ads. Really.
Keepass has many more features than any listed and it's completely free and you don't have to share your passwords with any third party companies. -
XCLN Admin said:A good password manager is secure, seamless, and syncs across all of the platforms you use.
Best Password Managers 2022: Free and Paid : Read more
All these have their = and - . I do like Lastpass, but since it was bought by Logmein and is no longer independent, I am presuming it is open to high level security agencies and so not soooo private. or secure as they are known to have breaches.
Best over all for security/ privacy from trusted sources would be KeepassXC, the successor of KeepassX
https://keepassxc.org/
As mentioned also in
https://krebsonsecurity.com/password-dos-and-donts/ -
ChronosVRdS
Fully agreed, is not only free is open-source and actively developed, both the original (my preference) and the highly recommended fork KeepassXC.TelmoB said:KeepassDX for Android also works pretty well.
If Keepass isn't on this list, it was not tried, or this is all paid ads. Really.
Keepass has many more features than any listed and it's completely free and you don't have to share your passwords with any third party companies.
This post was "Native Ad" through and through, not even mentioned Psono an alternative to Bitwarden from Germany, also open-source and free.
Take a look at Privacy Guides - Password Managers for better recommendations for both local (safest) and cloud solutions. -
Unfixed2023
My guess that the LastPass #1 position was paid advertisement, making it look like a ranking was taking place. There's a lot of discontent with LastPass due to limiting the free edition when it got bought out by LogMeIn.Crawling8398 said:I agree. Prospective Lastpass users should read the posts on the Lastpass subreddit before making a decision - many porting to Bitwarden. -
parkerthon Unfixed2023 said:My guess that the LastPass #1 position was paid advertisement, making it look like a ranking was taking place. There's a lot of discontent with LastPass due to limiting the free edition when it got bought out by LogMeIn.
LastPass user here. Have the family plan and it works great for my wife and I plus two kids. Hundreds of passwords stored, multiple shared folders with different level of access(some for kids as well as us, some just us) across 4 PC's, couple macs, and about 10 mobile devices. Aside from having to pay money, what's the downside of LastPass again? I wouldn't pay for a password manager as an individual, so I understand why that's a major criticism, but for families who would be paying for the features and ease of use they want anyway, I'm not seeing any argument against it.