Best Password Managers 2019

Product Use case Rating
Dashlane Best Overall 4.5
LastPass Best Free Tier 4.5
Keeper Best Security 4
Enpass Best Value 3.5
1Password 3
Zoho Vault 3

Using a password manager may be one of the easiest ways to make your online accounts more secure. You won't need to remember a unique, long, complex password for every online account. Instead, the password manager remembers each password for you, strengthening your security and minimizing your risk the next time there's a massive data breach. The only password you'll need to remember is the single "master" password to the password manager itself.

Based on our extensive testing of seven services — in which we focused on user experience, platform support, security and overall performance — the best overall password managers are Dashlane and LastPass, which offer the ideal combinations of ease of use, convenience and security.

Dashlane has a well-designed desktop application and a tool that changes your passwords on hundreds of websites simultaneously, and now has a fully interactive website interface and support for Linux and Chrome OS. However, Dashlane recently raised the price of its Premium plan by 50 percent, giving LastPass and especially Keeper, our second runner-up, even more of a price advantage.

LastPass' free version is unlimited and versatile; it recently also raised the price of its paid versions by 50 percent, but they're the most full-featured of any password manager.

We also liked Keeper's strong security and Enpass' flexibility, although each lacked certain conveniences.

Two other password managers are best suited for niche segments: 1Password for Mac and iOS users, and Zoho Vault for couples and small families who want to share passwords. The seventh password manager, RoboForm, is the oldest on the list, and while it does a competent job, it needs an overhaul before we can recommend it over any other product.

News and Updates

— A new phishing campaign is targeting Android and iOS smartphone users with phony Google Calendar push notifications. ADVICE: Don't tap or open notifications and invitations you're not expecting or from people you don't know.

— The online invitation service Evite admitted it suffered a security breach that may have exposed the account passwords of millions of users. ADVICE: Change your Evite password, change the passwords of any other accounts where you might have re-used that password, and get a password manager if you don't already have one.

— 1Password has expanded its support of two-factor-authentication security keys to include all U2F keys, including Feitian, Google and Yubico keys. Previously, 1Password supported only Yubico's proprietary Yubikey format.

What to Look for in a Password Manager

All seven password managers we reviewed secure your data, both on your machine and in the cloud, with the toughest form of encryption in wide usage today. All have software for Windows, macOS, Android and iOS. All have free options, but none of them are entirely free.

All can be installed on an unlimited number of devices for a single (usually paid) account, store an unlimited number of passwords and generate new, strong passwords for you (though not always on the mobile version). Some alert you to the latest data breaches. Most offer a two-factor authentication option for master passwords.

Many offer to save your personal details, credit-card numbers and other frequently used information so that they can quickly fill out online forms for you. (You don't have to do this, but it's safer than letting the retail website save your credit-card information.) Finally, none can recover your master password for you if you forget it, although some let you reset that password to something else.

Best Overall: Dashlane

Dashlane now has support for Linux, Chrome OS and the Microsoft Edge browser and has made its website interface truly interactive, matching LastPass in platform support and, with its excellent desktop software, surpassing its chief rival in interface flexibility.

Dashlane's killer feature remains its bulk password changer, which can reset hundreds of your passwords at once, saving you time and worry in the event of a major data breach. There's also a scanner that goes through your email inbox on iOS or Android to find online accounts you may have forgotten about. The password manager is well designed, easy to use and possibly the best at filling out your personal information in online forms.

Dashlane's main drawback is its high price. When we last reviewed the service, it was $40 per year for the paid plan, already more than most of its rivals. But in July 2018, Dashlane jacked its Premium plan to $60 per year and added a Premium Plus plan that run $120 per year. At the same time, it capped its free plan, which once offered unlimited password storage, to 50 sets of credentials.

To be fair, the Premium plan now comes with a dark-web monitoring service and an unlimited VPN service. To that, the Premium Plus plan adds credit monitoring, identity-restoration assistance and identity-theft insurance. Taken together, all these features may justify the higher prices, and we look forward to giving them a thorough review soon.

Best Free Tier: LastPass

LastPass shares our Editor's Choice award with Dashlane because of its ease of use, support for all major platforms, wide range of features and variety of configurations. The free version of LastPass syncs across an unlimited number of devices and has almost as many features as the paid version. However, the paid version's price has tripled in the past few years, going from $12 per year to $36 per year.

You don't need to install an application on your computer to use LastPass. Instead, the software lives entirely in browser extensions and in a full-featured web interface.

Best Security: Keeper

Keeper ($25.49 per year for the premium service) is fast and full-featured, has a robust web interface, stores files and documents of any kind,  offers perhaps the best security of any password manager and is now cheaper than both Dashlane and LastPass. The trade-off for that enhanced security is a bit of inconvenience: Keeper chooses not to have a bulk password changer, and it won't let you create a PIN to quickly access the mobile app. If you have an older phone that can't read your fingerprint or your face, you'll have to enter the full master password every time.

Best Value: Enpass

Enpass has a strong free desktop version, and a more limited one for Android and that's limited to only 20 passwords. But the premium software on Windows, Mac, Android or iOS costs a one-time flat fee of $11.99 per platform. (The Linux version is entirely free.) There are no recurring subscription fees.

Enpass handles all the basics quite well, but you'll have to sync your own devices via Dropbox or a similar service, as Enpass doesn't offer any cloud-syncing of its own. (Some users might see that as a security advantage.)

The Enpass desktop interface is a bit spare, but functional; the mobile apps are sleek and handle biometric logins. Enpass says a local-sync feature is in the works, which would make the service ideal for users who are wary of putting their data online.


1Password's Windows and Android versions have finally reached rough parity with their Mac and iOS equivalents, but many functions still feel clunkier than they are on newer password managers. 1Password now asks new users to sign up for a $36 yearly cloud subscription, although for $65, Mac users can buy the older stand-alone application that lets them sync devices locally.

However, 1Password's new browser extensions for Chrome and Firefox, dubbed 1Password X, mostly replicate the desktop experience and work directly with web browsers instead of operating systems. Better yet, they extend 1Password to Chromebook and Linux users.

Only cloud subscribers can use 1Password's killer feature, a Travel Mode that deletes sensitive data from your devices (you'll get it back later) so that snooping border-control agents can't find it. 1Password also has great form-filling abilities, and it has finally added true two-factor authentication.

Zoho Vault

Zoho Vault is part of a larger suite of paid enterprise tools, and the company makes the password manager free for individual personal use. (Group plans that can be used by families start at $12 per user per year.) You won't get consumer-friendly features such as personal-data form filling or a bulk password changer, but all of the essentials are in place and work smoothly.

Unlke EnPass, Zoho Vault will do the syncing for you using its own servers, and there's no fee to sync across all your desktop, laptop and mobile devices. The only drawbacks are that Zoho Vault sometimes trips over Google logins (there's a somewhat technical workaround) and that LastPass does even more for free.


RoboForm has been around since 1999 and, unfortunately, shows its age. At $24 per year, its premium version isn't expensive, and the service has excellent form filling and runs on a wide variety of platforms and browsers. But its website interface is still read-only, its desktop software can be confusing (the mobile apps are a little more user-friendly) and its functionality is limited. RoboForm needs an overhaul to compete with even the free version of LastPass.

How We Test Password Managers

We installed and used all seven password managers on a dual-boot Apple laptop running Windows 10 and macOS 10.12 Sierra, an iPad Pro 12.9, a Samsung Galaxy S8+ and a Google Pixel. The primary browser we used was Google Chrome on all platforms, but we also used Apple Safari on macOS and iOS.

We considered each service's ease of use, user interface, variety and usefulness of features, and security practices, especially concerning two-factor authentication. Price was considered only when two or more password managers were otherwise roughly equal.

Cloud vs. Local Management

1Password gives you an option to store and sync your "vault" of passwords and other sensitive information locally (in other words, only on your own devices) without using the service's cloud servers. There's a security advantage to that because none of the data will ever need to reach the internet, but it can be a hassle to synchronize all of your devices. (Enpass plans to add a similar local-sync feature, but for now, you'll have to sync your devices using third-party file-sharing services such as Dropbox or iCloud.)

Far more convenient are cloud-based password managers, which include LastPass, Dashlane, Keeper and Zoho Vault. (1Password's default mode is also cloud-based.) These services keep encrypted copies of your vault on their own servers, ensure all your devices are always synced and encrypt the transmissions between your devices and their servers.

The risk, though small, is that one of the cloud-based services could be compromised, and your passwords could be released out into the wild. (LastPass has had a number of documented security issues, all of which have been quickly fixed, and has not lost any passwords.) And whether it's local or cloud-synced, a password manager puts all your eggs in one basket, so to speak. But for most people, the demonstrable security benefits of using a password manager far outweigh the disadvantages.

This thread is closed for comments
    Your comment
  • Paul Wagenseil
  • tslifkin
    Be aware that some of these tools do NOT store passwords on your device and so you CANNOT see them if you are not online. OK if you live at work or at home always connected. No so much if you travel or move around a lot. Keeper JUST CHANGED THEIR DESIGN. You can still see your passwords when not connected, but you CANNOT EDIT. so you cant add new data or do any editing if, for example, you are on long flight or a location without an inmediate link. This is a BAD THING and indicative of companies taking the easy way out to get your cash but reduce the meaningful feature sets! Just be careful!
  • edwardmeijers
    Why is safe in cloud not compared?
  • google02
    You are wrong to imply that 1Password is not available for Windows as of 2018. My hosting company uses 1Password internally. It should be included in your comparative review.
  • merytsekhmet
    I had a premium account with LastPass for about 5 years. This week I unsubscribed after hearing they were killing off XMarks. I was particularly disgusted because the news was sent very shortly after they renewed the joint subscription. Happily though, I am far more satisfied with Dashlane and Eversynch so LastPass did me a favour in the end.
  • jslezak57
    I purchased Dashlane only to find out that it doesn't have full functionality in MS Edge (default browser windows 10). It wanted to force me to use Chrome or IE. I tried to use the online chat, only to hear that "the software will improve with time". I requested a refund because when I purchase a software app, I want something fully functioning - not a "beta" that leaves me with partial functionality!
  • merytsekhmet
    2716244 said:
    I purchased Dashlane only to find out that it doesn't have full functionality in MS Edge (default browser windows 10).

    I refuse to use Edge even though it is among the bloatware that came with Windows 10. I use Firefox and Chrome and have had no problems.
  • hokfujow
    I'm amazed that Lastpass is still getting such high ratings. Go on their forum and read the thread in troubleshooting about not saving passwords. Lastpass does not reliably save new passwords entered for web accounts. People create new accounts, use LP to generate a new password, and then discover that it wasn't saved and they have no idea what the password for their new account is. It's been happening to me more often than not. I'm not going to renew my premium account, and switching to something else.
  • vsneers
    2717992 said:
    I'm amazed that Lastpass is still getting such high ratings. Go on their forum and read the thread in troubleshooting about not saving passwords. Lastpass does not reliably save new passwords entered for web accounts. People create new accounts, use LP to generate a new password, and then discover that it wasn't saved and they have no idea what the password for their new account is. It's been happening to me more often than not. I'm not going to renew my premium account, and switching to something else.

    I 100% agree with this. I used LP for around 2 years with Chrome and found it would constantly not update any changed passwords in the vault properly and so seeing as I used LP to generate the password in the first place and it then didn't save it or saved a messed-up version of it that just contained a bunch of dots, I would end up generating a password, copying and pasting it to Notepad and then manually adding it to the vault at which point I thought what is the point of LP, I might as well do this myself and save me the money.

    Plus a recent major security breach causing all my passwords and banking details to be hacked by someone and the lack of support from LP, was the last straw for me. If someone does try to access your account with them then they don't actually stop the person, they just send you an email or notification on your phone telling you but do nothing about it to block them. This happened to me overnight while I was in bed and unable to respond to the notifications and despite the hacker using an entirely different IP address and location (their IP address even said it was from, they did nothing to block their access and due to the hacker having access to my email account, they were then able to request a password and login email reset from LastPass who duly obliged. I spent the next couple of days desperately trying to get in contact with LastPass as I was locked out of my own account and all they did was send me links to articles about either changing your password or if your email address was compromised, suggesting to just set up a new account and start again changing passwords. Meanwhile the hacker still had full access to my account!

    As hokfujow says, their forum is full of people complaining about the service and they never seem to respond to the posts. I'm amazed how they still get to the top of most recommended password manager lists.
  • redneck1st
    Mr Waenseil talks out of both sides of his mouth. He gives Roboform 5/5 then talks negatively about the program and all it's short comings. You cant have it both ways Paul. It's either a good product or it's not. It cant be both.
  • henrikp
    I used LastPass for a while until I realized it routinely didn't save my generated passwords. The UX is ok, but buggy and crashes, and the app just isn't reliable. I won't be trusting it to handle anything of importance again.

    After an incident where a generated password that (again) didn't save made me unable to reach some important files I needed, I contacted their customer support, and that's when it turned really bad. Their support is basically a channel that repeats "you may experience loss of data, as stated in our Terms of Use." Not something you want to hear from a password vault company! I've experienced some really bad customer service in my life (and some great, luckily), but the dialogue with LastPass convinced me that this is not a company I want to entrust my private passwords to.

    I do realize that encrypting something without knowing 100% sure that the password was saved was careless on my part, and not something I will repeat, but then again, you use this software because it's supposed to be trustworthy. And it's just not.

    I'd stay away from them. They're cheaper for a reason.
  • lovingboth
    Why is LastPass rated 4/5 in its review, but 2.5/5 here?
  • Karadjgne
    #1 password manager I own is a pad of paper that sits next to my monitor. Never fails to save passwords, is not visible online to anyone. It's only flaw is that it won't auto-populate passwords by username onscreen.
  • unklepowers
    I'm always amazed that password app reviews like this one never mention Mobile Password Safe (

    It's a completely FREE service for managing all your passwords, or any other data you want to always have private and secure access to (credit cards, bank accounts, DMV records, etc.) It is fully configurable and can store any kind of numerical and text data. And being a web app it is platform independent. You can access it from any device you can get online with. So no worries about importing or exporting your data if you switch between iOS and Android, or between Windows and Mac.

    I've been using it since 2008 without a single glitch or any problem whatsoever. So bottom line: it's flexible, it's powerful, it's easy, it's convenient and it's FREE. And of course it's encrypted, so your data safe. Why you would spend any money on any of the apps mentioned in this article is a mystery.
  • richardparisi
    In your review, you wrote: "Dashlane's killer feature remains its bulk password changer, which can reset hundreds of your passwords at once, saving you time and worry in the event of a major data breach." This is complete BS. I signed up for the service and when I ran the Password Changer, it was only able to auto update 5 of my 164 accounts. FIVE!

    Yes, it's true they can do this with hundreds of sites. And if you happen to have accounts with the same "hundreds of sites" then great. But "hundreds" is a pretty paltry number compared to all the websites in the world. None of my banks or credit cards were on their list, no Google, no Netflix, no Amazon. But they did have 17 permutations of Zenfolio counted among their hundreds.

    Do you actually test these products when you write a review? It's very disappointing to discover such a major inaccuracy. It makes me wonder what else is wrong.
  • nate.h46
    Sooo I knew something here was weird. How could LastPass be a top pick with only 2.5, and no explanation about its weaknesses? Surely value alone isn't good enough to outweigh the downsides of a 2.5-graded app.

    According to the ACTUAL review page, it's given a 4.5, NOT a 2.5. Click "Review" in the LastPass box above, or go to,review-3775.html. This is just some kind of weird error on the part of the author, I guess.
  • C Mayo
    After becoming frustrated with RoboForm, I installed LastPass yesterday based on this review, and today their servers are unreachable. From Google search results, it looks like this is a common issue with LastPass, and the last thing I need is a password manager that only works when it wants to. Uninstalling now, guess I'll give Dashlane a try after all.
  • jamesandjohn
    I am using Dashlane, Would like to have the option to add on separate items as I have my own VPN. Want a perpetual license option as well
  • jamesandjohn
    Using DashLane. Not happy that they do not allow alternative VPNs. Would like it if they had base product with price for extras that are wanted. Also we can get perpetual buying license.
  • psdev
    Very surprised that you did not even try bitWarden. Works well on all browsers and has a native Android app. Best of all, it's FOSS.
  • m_a_t_o
    While Bitwarden is open source software, its usage is quite restricted. Everything is tied to their online / cloud account. Even if you configure your own server (and it is not light on resources by no means) you need licenses to use some features. Features that are bundled with some other password managers "for free". Bitwarden desktop apps are really just web apps (Electron framework based), thus heavy on resources and potentially less secure than small native well written apps. Bitwarden underwent security audit but so did many other services / software, e.g. 1Password, Enpass, etc.

    So for instance Enpass is not fully open source, but they use open source encrypted database (SQLCipher) and everything is stored locally, no need for internet at all. Enpass does support synchronisation, but not via their servers, rather many 3rd party services or your own (WebDAV or local folder). So you could sync locally via a shared folder. And yes, I do consider it a big advantage that you have complete control where your data is stored. You own your data, don't have to pay at all (for desktop apps) or just one time (for mobile apps), and all features are available to everyone.

    Bitwarden is surely not the solution we all would like it to be. If anything I'd rather stick with KeyPass (many implementations).
  • glennvictoria
    I use "Intuitive Password" password manager for storing and managing my passwords. This is the password manager that I have been used for years without worry about security and losing my data.
  • youramazingamz
    There is also Hideez Key that stores passwords encrypted on device and commonly used as secure password storage for office workers.
  • falling10
    I would not store it online anyway.