To avoid drowning in usernames and passwords that you have to remember, we help you choose a password manager. We'll outline important choices you need to make with a password manager, and then we'll tell you how popular password managers handle those choices.
01 Introduction
We are literally drowning in the sheer amount of usernames and passwords we have to remember. Using too many of the same passwords is not safe, too many different ones are simply impossible to remember. And in addition to all those strong, long passwords, we also increasingly have to remember all kinds of security questions (and the answers), in case we do forget a password.
In short: too much to remember for a normal human brain. So using a good password manager is highly recommended. We'll cover KeePass, 1Password, Dashlane, and LastPass—four popular and well-known password managers. They all just do some things a little differently. We try to help you determine which password manager is most suitable for you.
KeePass is primarily a Windows application and probably the best known password manager. 1Password focuses mainly on OS X and iOS and has the best applications there. However, there is also support for Windows and Android. Dashlane targets all platforms and also works primarily with a desktop application. Only LastPass really lives entirely in the browser.
02 Online or offline
The first and most important choice you have to make is whether you want to sync your passwords and if so, how you want to do it. If you use multiple devices, you probably want some form of sync. You often also have the option to log in anywhere. You can choose to put your entire password database in the cloud and outsource the synchronization entirely. Another option is to arrange it yourself, by means of a cloud service such as Dropbox, a network drive or by simply connecting two devices.
When you hand over everything, you have to take attacks into account. LastPass, for example, has already been hacked more than once. Now those kinds of services are somewhat resistant to that. In the case of LastPass, the hackers ended up getting their hands on only encrypted password databases that they can't do anything with, provided you set a strong password. Ideally, you should also use two-step verification.
Both KeePass and 1Password both work with databases that you can store anywhere. You can then choose whether and how you want to synchronize these databases. With KeePass, you can use third-party apps and sync passwords via a cloud service like Dropbox. 1Password can also sync your passwords via a cloud service, but adds the option to only do this via WiFi in a local network. That only works from a PC to mobile device. Dashlane and LastPass both work completely online where all your passwords are stored encrypted. Both services do not store your master password (which you use to access your passwords) online, of course.
03 Browser Integration
Most of your passwords are entered in the browser, so an important part of a password manager is how well it integrates with your favorite browser. Sure, most password managers integrate with the most popular browsers, but there's still quite a bit of difference in quality. In addition to entering passwords, it is also up to a password manager to store and remember your passwords and to generate passwords, so that the login and registration process of websites is made as easy as possible.
It is very useful if a password manager has the option to automatically change your password on certain websites, something that is often difficult to find on different sites and therefore only done by few people. Finally, some password managers issue notifications when a website has been hacked. Then you know when to change your password.
In terms of browser integration, only LastPass lives entirely in the browser. With KeePass you are dependent on extensions from third parties. LastPass and Dashlane both have good browser integration, with options to save, create, generate, and autofill credentials. LastPass supports most browsers. 1Password also has an extension, but it works less than the others. For example, to automatically fill it in, you have to search the desktop application.
All services, except KeePass, have the option to analyze your passwords and websites. For LastPass, you then give one-time permission to open and analyze your vault. It is then indicated on which websites you have to change your password, because those websites have been hacked, for example. In addition, it lists the websites on which you use weak passwords, the same passwords, and passwords that are too old. Dashlane and 1Password do that a little better and continuously show you which passwords are weak, duplicate or hacked. With 1Password you have to enable that function yourself, via Show / Watchtower. With LastPass and Dashlane it is possible to change the passwords on a number of websites directly from the password manager, without having to log in yourself.
04 Mobile
Password managers on your mobile have the advantage that you can easily log in to your favorite services there too. Many password managers are supported by both iOS and Android, but as with browser integration, there are varying degrees. For example, some apps can automatically fill in passwords in the browser and in other apps. That goes for both Android and iOS, although it often works better on Android. In addition, you may want to be able to manage your passwords on the go. Some apps have an integrated browser, which makes it even easier to log in to the websites, or a separate keyboard to quickly enter passwords.
LastPass has apps for iOS, Android and Windows Phone, both on the tablet and on the smartphone. The apps contain a built-in browser with which you can easily log in. It is possible to add new passwords, profiles and forms. Dashlane has apps available for iOS and Android. The mobile apps include all of the program's features on the desktop, with one exception: tracking your online purchases. A major drawback is that Dashlane on Android cannot enter passwords in the browser. You must use the built-in Dashlane browser for that.
LastPass does have this capability, for example. 1Password also has apps for Android and iOS. On Android, a special keyboard is used to enter passwords. With 1Password you are therefore dependent on a cloud service or through the desktop application for synchronization. The latter option requires you to activate a Wi-Fi server on your desktop to sync your passwords. With KeePass you are dependent on third-party apps. One option, for example, is KeePass Touch for iOS. This app has the ability to enter passwords directly from Safari, just like the competition does.
05 Import/Export
Importing passwords is important so that you can easily add your already existing passwords to a new password manager. Export options are also important, so that if you want to use another program, that is also possible. Dashlane has extensive options for importing and exporting. Import is possible from Firefox, Chrome and Internet Explorer, and from LastPass and RoboForm Everywhere, among others. 1Password also supports LastPass and RoboForm, but also has a community-developed tool to import passwords from many more applications, including OS X keychain and KeePass. Exporting to a CSV file is possible as usual.
KeePass has built-in support for 1Password and RoboForm, but nothing else. However, KeePass has built in a handy wizard with which any CSV file can be imported. You can then indicate which column contains which data. That is very useful. With LastPass, importing is only possible from your existing browser password manager or from any CSV file. Exporting is only possible to a CSV file.
Related to exporting and importing is password sharing. It can sometimes happen that you want to give someone (limited) access to your account. LastPass has the option to share a password to other LastPass users. You can choose not to reveal the password. The same goes for Dashlane.
06 Extras
KeePass has a ton of plugins available, a real living ecosystem. With the basic functions of KeePass it is possible to fill in anywhere with the Auto-Type system. That will type the username for you, press TAB and type in the password. That works fine. You can also let passwords expire. KeePass is also the only open source. LastPass also includes a desktop application with the option to automatically fill in credentials in other desktop applications.
However, the desktop program doesn't work nearly as well as the browser extension (which LastPass is actually made for) or KeePass. LastPass, KeePass, 1Password, and Dashlane all remember your password history. That can be very useful sometimes. LastPass and Dashlane offer the added option of automatically changing your passwords. Dashlane is also the only one that can store receipts for your online purchases, although you can do something similar with KeePass because it allows you to add all kinds of files to a record. The paid services also have the option to sound the alarm if a website has been hacked. 1Password and Dashlane are more proactive in this than LastPass, the latter only does it if you give explicit permission to do so.
07 Prices
The last choice is how much are you willing to pay for a good password manager? KeePass is free. And many of the other password managers discussed have a free option available. By far the most attractive is LastPass, in which you only have the restriction that you can use it on three devices at the same time, which must also be of the same type. So three PCs or three smartphones/tablets. Switching is not allowed.
Furthermore, you can only enable two-step verification with the premium variant. It costs $1 a month or $12 a year, making LastPass the cheapest of all paid services. The free version of Dashlane is a bit more limited: synchronization is impossible, but you can save unlimited passwords (just don't consult them online). The Premium version costs $40 per year. 1Password is by far the most expensive service of all, costing a one-time $64.99. There is no free version of this service available, but you can try it out for 1 month. It is a pity that although you get mobile apps with the Premium version, there are still in-app purchases for extra pro functions. You still have to buy it separately. Alternatively, 1Password has a family plan for $5 a month (converted $60 a year), which can be used with up to 5 users.
Conclusion
We've put together the most important choices you'll have to make when choosing the right password manager, as well as how some popular password managers handle them. The first choice you have to make is not so much whether you want to save your passwords online or offline, but whether you think synchronization is important. If so, you have to make the choice whether you want to outsource it or arrange it yourself. If you want to arrange it yourself, you will have to choose KeePass or 1Password. If you prefer more ease of use, choose Dashlane or LastPass. After that, we recommend that you test your password manager's browser integration and mobile apps, which are two important parts of your password manager.
Other features worth considering are password import/export, sharing, perks, and of course, price. In terms of price, KeePass is the free solution and LastPass is the cheapest. We think 1Password is very expensive and Dashlane is in between.
