Best Password Managers 2017

With a password manager, you won't need to remember unique, long, complex passwords for every online account. The software will remember it for you, strengthening your password security and minimizing your risk the next time there's a massive data breach. You need to remember only a single "master" password to the password manager itself.

Credit: / ShutterstockCredit: / Shutterstock

Based on our extensive testing of seven services, focusing on ease of use, platform support, security and overall performance, the best overall password manager is LastPass, which offers an ideal combination of ease of use, convenience and security.

Dashlane was a close runner-up, thanks to its nifty ability to reset all your passwords at once.

We also liked True Key's forward-looking biometric authentication, Keeper's simplicity and Sticky Password's user-friendliness, although each lacked features we consider essential.

Two other password managers are best suited for niche segments: 1Password for Mac users, and KeePass for tech-savvy users of Linux and other open-source software.

What to Look For

All seven password managers we've reviewed secure your data, both on your machine and in the cloud, with the toughest form of encryption in wide usage today. All have software for Windows, Mac OS X, Android and iOS. All have free options, though only KeePass is entirely free. All can be installed on an unlimited number of devices for a single (usually paid) account, and most can store an unlimited number of passwords.

All of the password managers we reviewed can also generate new, strong passwords for you (though not always on the mobile version), and some will alert you to the latest data breaches. Most offer a two-factor authentication option for master passwords. Many offer to save your personal details, credit-card numbers and other frequently used information so that they can quickly fill out online forms for you. Finally, none can recover your master password for you if you forget it, although some let you reset that password to something else.

Cloud vs. Local Management

1Password and KeePass primarily store the user's "vault" of passwords and other sensitive information locally, i.e. on one of the user's own devices. There's a security advantage to that, as none of the data has to ever reach the internet, but it can be a hassle to synchronize the vault with other devices.

Far more convenient are cloud-based password managers, which include LastPass, Dashlane, Keeper and True Key. These services keep encrypted copies of your vault on their own servers and make sure all your devices are always synced.

The risk, although it's small, is that one of the services could be compromised and your passwords released out into the wild. (The seventh password manager, Sticky Password, can work as either a device-based or cloud-based manager, and there's a somewhat pricey cloud-based subscription option available for 1Password.)

How We Tested

We installed and used all seven password managers on a Windows 8 laptop, an iPad Mini and a Samsung Galaxy S6 Android smartphone. Additional testing was done on an iPhone 6s Plus, a OnePlus One Android smartphone and a Windows 10 laptop.

We took into consideration each service's ease of use, variety and usefulness of features, and its security practices, especially concerning two-factor authentication. Design was noted, but did not factor into our rankings, and price was considered only when two or more premium password managers were otherwise roughly equal.



True Key


Sticky Password



Create a new thread in the Audio forum about this subject
    Your comment
  • Math Geek
    i use last pass and love it. has it's quirks but overall it works very well and keeps all my pc's and mobile stuff synced with passwords. can change it on one system and it gets changed on them all :)
  • misry
    I use lastpass via Chrome linked to an email that's used for nothing else. Make the master password long but easy to remember and you are golden.
  • cfoam5
    Nice comparison but you left one critical data point out - How many of these companies have been hacked? 6-15-15 "On Monday password manager service LastPass admitted it had been the target of a hack that accessed its users’ email addresses, encrypted master passwords, and the reminder words and phrases that the service asks users to create for those master passwords." Seems we need to revolt against providing so much personal information just to create an account. Does Yahoo really need to know my mothers maiden name just to serve up email? Start using a different name or different birth date of someone else. We need better privacy laws in the USA! To hell with storing anything in the cloud where it can be hacked.
  • Paul Wagenseil
    LastPass has indeed been hacked into a couple of times, but I haven't heard of any account takeovers as a result. With regard to the incident you mention, the severity depends on how strongly those passwords were hashed.

    You could argue that LastPass gets hacked because it's got the highest profile. (That's Microsoft's argument, anyway.) Or you could choose to avoid LastPass because it's had to settle two different complaints with the FTC over false advertising, or because it got bought by LogMeIn. But none of those facts affect its usability and value as a service.

    As for the password-reset questions such as "What was your mother's maiden name," getting around that is easy. You can, and should, lie, especially when the answer is something that can be easily discovered. So tell them your mother's maiden name was Minnie Mouse or Olive Oyl, and just remember that.