Here’s the contradiction: you need secure, unique and
hard-to-remember passwords to protect your online (and offline) accounts
from being hacked. However, remembering those secure, unique and
hard-to-remember passwords is another matter entirely. Thankfully there
is a solution, and it’s called a password manager.
There are dozens of password managers to choose from, but in this
guide we’ll showcase four of the better ones, ensuring that you set
safe, secure passwords without having to worry about remembering them.
Most password managers work like this:
you set up an encrypted file – or vault – into which all of your unique
passwords are stored. This vault is “locked” with a master password, so
as long as you can remember that, you’ll always be able to access your
other passwords.
KeePass provides with a secure offline place to store all your sensitive passwords.
Of course, a master password can be guessed, so the better password managers go further. Open-source favourite KeePass
allows you to create special key files, which need to be provided with
the password when unlocking the vault. You can also lock files to the
current Windows user account and even use a special USB drive called a
YubiKey to provide another level of authentication.
Speaking of providing secondary hardware devices to provide extra protection for your passwords, Sticky Password Free
allows you to add any USB or Bluetooth device as a secondary form of
authentication, thus increasing your vault’s security that little bit
further.
Sticky Password also ships with browser plug-ins, so it can
automatically fill web login pages as you visit them (KeePass requires
you to drag-and-drop or use hotkey triggers). But the Free version is
limited to just 15 passwords – for full functionality you have to pay
$29.99 for the full version.
One worry with offline password managers is what happens if your
encrypted vault is corrupt? Obviously you can manually backup your
files, but 1Password for Windows and 1Password for Mac
both let you sync your encrypted database to Dropbox for protection
against data loss. Note both are trial versions only – the full version
costs $49.99 per license.
LastPass stores your passwords online, so they're available from all of your computers and devices.
Another way to avoid this potential calamity is to entrust your
passwords (encrypted, of course) to the cloud, and if you’re happy to do
so then take a look at cross-platform beauty LastPass,
which works seamlessly across most major browsers, and also allows you
to store other confidential information online too. It’s free, although
you’ll need to purchase a Premium subscription if you’d like to be able
to sync passwords with your mobile devices. or add support for YubiKey
authentication.
LastPass can also detect when you’re signing up for a new site and
offer to quickly generate a secure password for you – something the
other tools also offer, but LastPass makes the process effortless.
LastPass also offers to review your existing passwords, alerting you
to any insecure ones you can then quickly make secure with its help.
Ultimately which password manager you go for depends on your
individual needs: Sticky Password offers the best blend of features and
security for both online and offline use, but there’s a price tag
attached. If you’re happy to store your passwords in the cloud, then
LastPass wins for its ease of use, but for a portable, offline solution
that won’t cost you a bean, KeePass is well worth considering.
KeePass 2.21 and KeePass Portable 2.21 are both available as free, open-source downloads for Windows (other platforms are also available). Sticky Password Free 6.0.9.439 is available as a function-limited free download for Windows, while LastPass 2.0.20 is available as a freeware download for Windows, Mac and Linux. Also available are LastPass for Windows 8, LastPass for Android and LastPass Tab Browser for iOS.