Password Manager Round Up: Never forget a password ever again
By Alex Choros
It feels like we can't go more than a couple of months without hearing about a big hack, security breach or software vulnerability. This year alone there's been Heartbleed, Catch of the Day, eBay and the alleged heist of 1.2 billion passwords. Aside from the inherent safety risk to users, these threats are often frustrating too: going through and changing each of your passwords gets old very quickly.
Security experts tell us that we should use different passwords for each website, but we rarely do. After all, who wants to remember so many different passwords? I've easily got over 30 different sets of credentials for online services alone.
There is a solution though: a password manager. These utilities keep all of your existing passwords behind a single master password. As such, it's easy to generate unique, strong passwords (like Aj^ku-32-54e@l2-43$4) for each website you use, while only having to remember one.
Setting up a password manager can take a bit of time, but the investment is definitely worth it in the long run. You'll be thanking yourself next time a website gets hacked and you only need to change one password.
We're taking a look at three of the best password management options, LastPass, 1Password and KeePass. All three are similar programs, requiring a master password to access to your credentials. These all use 256-bit AES encryption, making it almost impossible for your credentials to be compromised.
LastPass is a cloud-based password management service, available in both free and premium versions. The majority of LastPass' features are available in the free version, but the premium adds support for mobile devices. LastPass has dedicate apps for iOS, Android and Windows Phone. The premium version is subscription based, and will set back users USD$12 per year.
LastPass is almost completely web based, but users can download extensions for their browsers. Clicking on the extension's icon will initiate signing-in to the website. Extensions are available for Chrome, Internet Explorer, Firefox, Safari and Opera. These extensions let you populate your password vault as you sign into pages for the first time.
LastPass also offers two-step authentication, which demands a second security code whenever you login to a new device for the first time. In addition, LastPass will email users security alerts when sites or services they belong to may have been hacked.
A 14 day free trial of LastPass premium is available.
1Password is a desktop based password management service; rather than storing a user's credentials in the cloud, they are stored in a local database. This database can then be synced to other devices through either iCloud or Dropbox. Those who'd prefer to avoid the cloud entirely have the option of syncing through WiFi or iTunes.
1Password is available for Windows, Mac, iOS and Android, and extensions are available for Safari, Chrome, Firefox, Internet Explorer and Opera. As with LastPass, these extensions allow you to add credentials to your database as you sign into websites. A 1Password Windows Phone app exists, but it's functionality is very limited, and has not been updated since 2013.
If you use both Windows and Mac computers regularly, 1Password can be an expensive purchase. The password manager costs USD$34.99 for a single license for either Mac or Windows; a bundle with both is available for USD$48.99. 1Password's iOS app costs AUD$12.99. The Android app is priced similarly, but is currently available for free. It is unclear whether those who download it now will be required to pay the full price when the promotion expires.
While 1Password is more expensive up front, there are no on-going subscription fees.
A 30 day free trial is available for the desktop versions of 1Password, and users are eligible for a 30 day money-back guarantee.
At present, 1Password is a much more cohesive experience on Apple's platforms.
KeePass is a free, open source password manager. The program's open source nature means it has been ported to almost every device imaginable. Desktop versions are available for Windows, Mac and Linux, and mobile versions are available for iOS, Android, Windows Phone, Palm OS, BlackBerry and even WebOS. The majority of these versions are free, although some developers have chosen to charge for them.
KeePass provides a bit more a barebones experience than 1Password and LastPass; no browser extensions are included by default. From a usability perspective, this makes KeePass a little less intuitive than the others. However, third party extensions have been developed, adding tighter integration between KeePass and browsers.
As with 1Password, KeePass is desktop based rather than cloud based. Given the development's decentralised nature, syncing can be a bit more rudimentary, and not every version treats it the same. For the most part though, it is possible to keep a copy of your password database in Dropbox, Google Drive or OneDrive.
KeePass is a capable password manager, but one that will take a little more tinkering to get up and running. Shortcomings aside, it's always hard to argue with free.